CrawlJobs Logo

Senior SOC Analyst/ SOC Lead

India, Hyderabad · Job Posted May 26, 2026
Apply Position
Job Link Share

Job Description

The Managed Services Information Security Analyst is a seasoned subject matter expert, responsible for working with security tools and other security teams to monitor, analyze, interpret and report on the incoming client data for the purpose of delivering security information and recommendations to the clients, enabling the organization to deliver the contracted security services. This role includes performing tasks such as security incident detection and response, security event reporting, threat hunting, content maintenance (tuning) and interacting with clients to ensure their understanding of the information generated, recommending client system changes as well as answering security related queries from the clients.

Job Responsibility

  • Works as part of a global Cyber Defense Centre (CDC) team that works 24/7 on rotational shifts
  • Works with client stakeholders and relevant internal teams to tune the MSSP platform and client SIEM to enable more efficient detection, analysis and reporting
  • Monitors security tools to review and analyze security logs from client environments
  • Generates continuous improvement ideas for supported security tools/technologies, to enable improvements to the company services, employee experience and client experience
  • Adheres to SOPs, customer Run Books and standard processes to ensure a globally consistent delivery whilst also proposing changes and improvements to these standards
  • Utilizes and documents best practices and amends existing documentation as required
  • Identifies opportunities to make automations which will help the clients and security delivery teams
  • Performs security incident handling and response from several vectors including End Point Protection and Enterprise Detection and response tools, attack analysis, malware analysis, network forensics, computer forensics
  • Utilizes a broad range of skills in LAN technologies, Windows and Linux O/S's, and general security infrastructure
  • Ensures usage of knowledge articles in incident diagnosis and resolution and assists with updating as and when required
  • Performs defined tasks to inform and monitor service delivery against service level agreements and maintain records of relevant information
  • Undertakes threat hunting activities across both individual client estates, as well as cross client hunting
  • Manages unresolved incidents and follows up until incidents are resolved
  • Works closely with client delivery teams to support their activities related to client delivery
  • Cooperates closely with colleagues to share knowledge and build a cohesive and effective team environment, benefiting the individual, the business and the client
  • Performs any other related task as required

Requirements

  • Seasoned knowledge on implementation and monitoring of a company supported SIEM or security tools/technologies/concepts
  • Seasoned knowledge on security architecture, worked across different security technologies
  • Seasoned knowledge and understanding of the operation of modern computer systems and networks and how they can be compromised
  • Displays excellent customer service orientation and pro-active thinking
  • Displays problem solving abilities and is highly driven and self-organized
  • Excellent attention to detail
  • Excellent analytical and logical thinking
  • Excellent spoken and written communication abilities
  • Team player with the ability to work well with others and in group with colleagues and stakeholders
  • Ability to remain calm in pressurized situations
  • Ability to keep current on emerging trends and new technologies in area of specialization
  • Bachelor's degree or relevant qualification in Information Technology or Computing or a related field
  • Security certifications such as (but not limited to) AZ-500, SC-200, Security+, CEH, CISSP, CISM or similar Certification in different networking technologies such as CCNA, JNCIA, ACCA, PCNSA, CCSA is advantageous
  • Seasoned experience in SOC Analysis Operations
  • Seasoned experience in SIEM usage for investigations
  • Seasoned experience in Security technologies such as (but not limited to) Firewall, IPS, IDS, Proxy
  • Seasoned experience in dealing with technical support to clients
  • Seasoned experience in handling security incidents end to end
  • Seasoned experience in configuring/managing security controls, such as SIEM, Firewall, IDS/IPS, EDR, NDR, UTM, Proxy, SOAR, Honeypots and other security tools
  • Seasoned experience in Security Analysis or Engineering preferably gained within a global services organization

Looking for more opportunities?

Search for other job offers that match your skills and interests.

Similar Jobs for

Senior SOC Analyst/ SOC Lead

8 matching positions

Senior SOC Analyst

In Cyclad we work with top international IT companies in order to boost their po...
Location
Location
Salary
Salary:
Not provided
cyclad.pl Logo
Cyclad Sp. z o.o.
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 5+ years of experience in a SOC or cybersecurity operations role
  • Strong experience with SIEM platforms (e.g., Splunk, IBM QRadar, Microsoft Sentinel)
  • Hands-on experience with EDR/XDR solutions (e.g., CrowdStrike, Microsoft Defender, SentinelOne)
  • Solid understanding of network protocols, system logs, and security event analysis
  • Experience with threat intelligence platforms and frameworks (e.g., MITRE ATT&CK)
  • Proficiency in analyzing logs from Windows, Linux, and cloud environments
  • Familiarity with scripting (e.g., Python, PowerShell) for automation and analysis
  • Strong analytical, problem-solving, and decision-making skills
  • Fluent English, both written and spoken
Job Responsibility
Job Responsibility
  • Monitor, analyze, and respond to security events and incidents using SIEM and other security tools
  • Lead incident response activities, including investigation, containment, eradication, and recovery
  • Perform advanced threat hunting and detection engineering
  • Develop and tune detection rules and use cases to improve SOC effectiveness
  • Analyze malware, phishing campaigns, and emerging threats
  • Coordinate with IT, engineering, and external stakeholders during security incidents
  • Mentor and support junior SOC analysts
  • Create and maintain incident response playbooks and documentation
  • Participate in on-call rotation and handle escalated security alerts
  • Ensure compliance with internal policies and industry standards
What we offer
What we offer
  • Private medical care with dental care (covering 70% of costs)
  • Family package option possible
  • Multisport card (also for an accompanying person)
  • Life insurance
  • Work with talented engineers on large-scale, technically challenging projects
  • Fulltime
Read More
Arrow Right

Senior SOC Analyst

We are working with a leading UK IT solutions and managed services provider that...
Location
Location
United Kingdom
Salary
Salary:
50000.00 GBP / Year
dynamicsearch.co.uk Logo
Dynamic Search Solutions
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Strong background in SOC operations, digital forensics, incident response or threat detection
  • Experience leading complex security investigations and responding to high severity incidents
  • Advanced experience working with SIEM platforms, ideally Microsoft Sentinel and Defender XDR
  • Strong KQL knowledge for threat hunting and detection development
  • Experience using scripting languages such as Python or PowerShell for automation
  • Familiarity with digital forensics and investigation tools such as Velociraptor, KAPE or sandbox environments
  • Excellent written and verbal communication skills with the ability to present technical findings clearly
  • Comfortable mentoring junior team members and contributing to team development
Job Responsibility
Job Responsibility
  • Incident Response & Forensics: Lead complex security incidents from detection to remediation, coordinate containment, analyse attacker activity, and support client decision-making during high-severity events
  • Threat Hunting & Detection Engineering: Proactively hunt for threats using advanced KQL analytics, tune SIEM/EDR detections, and develop signatures aligned with MITRE ATT&CK
  • Malware Analysis & Reverse Engineering: Perform malware triage and behavioural analysis, using reverse-engineering tools when required
  • Client Reporting & Communication: Produce clear, high-quality investigation reports, timelines, and intelligence summaries for both technical and non-technical audiences
  • SOC Leadership & Continuous Improvement: Contribute to SOC playbooks, mentor junior analysts, support onboarding of new clients, and enhance processes and tooling
  • On-Call Support: Participate in the 24×7 on-call rota to provide expert support during critical incidents
What we offer
What we offer
  • Fully remote working across the UK
  • Competitive salary with additional benefits depending on experience
  • Opportunity to work within a mature and well supported Security Operations environment
  • Ongoing professional development and training opportunities
  • Exposure to a wide range of client environments and security challenges
  • Supportive culture with a strong focus on collaboration and continuous improvement
  • Fulltime
Read More
Arrow Right

Senior SOC Analyst

We are seeking a Senior SOC Analyst to lead advanced security monitoring, incide...
Location
Location
South Africa , South Africa
Salary
Salary:
Not provided
overturerede.in Logo
Overture Rede
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor’s degree in Cybersecurity, Information Technology, or a related field
  • 3–5 years of experience in SOC operations, incident response, or advanced security monitoring roles
  • One or more of the following advanced certifications: GIAC GCFA (Forensic Analyst) or GNFA (Network Forensics Analyst) GIAC GCTI (Cyber Threat Intelligence) GIAC GSOC (Security Operations Certified) CREST Registered Intrusion Analyst (CRIA) Advanced tool/vendor certifications (e.g., Splunk Enterprise Security Admin, Elastic Security Specialist)
  • Strong expertise in digital forensics, incident handling, and threat intelligence
  • Advanced knowledge of MITRE ATT&CK and threat actor TTPs
  • Proficiency in SIEM query languages (SPL, KQL, Lucene)
  • Experience working in 24×7 enterprise or MSSP SOC environments
  • Strong reporting, documentation, and stakeholder communication skills
Job Responsibility
Job Responsibility
  • Lead advanced incident response activities, including containment, eradication, and recovery
  • Perform digital and network forensic investigations to support incident analysis
  • Conduct proactive threat hunting and advanced detection engineering
  • Analyze threat intelligence and correlate with internal security events
  • Design, tune, and optimize SIEM and SOAR use cases and detection rules
  • Serve as an escalation point for complex security incidents
  • Provide mentorship and technical leadership to junior and intermediate SOC analysts
  • Develop SOC playbooks, procedures, and post-incident reports
  • Collaborate with security architecture and risk teams to improve security posture
What we offer
What we offer
  • Higher responsibility than junior role
  • Career growth opportunity
  • Strong job security
  • Fulltime
Read More
Arrow Right

Senior Cyber Security Analyst – Incident Response & SOC

We don’t hang up the leash until the job is done. Senior Cyber Security Analyst ...
Location
Location
Salary
Salary:
Not provided
zeektek.com Logo
Zeektek
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Email security fundamentals (SPF, DKIM, DMARC)
  • Phishing and malware investigations
  • DFIR / forensic investigation skills
  • Deep incident response experience
  • Threat analysis across multiple log sources
  • Hands-on tooling knowledge (EDR, SIEM, malware analysis, endpoint/network forensics)
  • Strong troubleshooting and scenario-based thinking
  • Strong written and verbal communication skills
  • Working knowledge of Data Loss Prevention concepts/products, Data Encryption concepts, and endpoint management
  • Technical knowledge of common network protocols and design patterns including TCP/IP, HTTPS, FTP, SFTP, SSH, RDP, CIFS/SMB, NFS
Job Responsibility
Job Responsibility
  • Leading investigations and serving as a subject matter expert while correlating data across multiple log sources and systems
  • Continually improving cyber security procedures and documentation to enhance the security posture of the organization
  • Communicating with users, vendors, and other IT personnel on security-related issues, providing expert guidance and support
  • Staying up to date on evolving cyber threats, identifying their impact, and detecting them in our environment
  • Managing infrastructure security systems such as HIDS/NIDS, SIEM, NGAV, EDR, UBA, WAF, DLP, and vulnerability management tools to meet regulatory requirements
  • Collaborating with business groups to establish and maintain strong working relationships
What we offer
What we offer
  • Weekly Direct Deposit
  • 401K Matching
  • Competitive medical, dental and vision insurance
  • Consistent communication throughout your project
  • ZeekTek Referral Program
Read More
Arrow Right

SOC Lead - Cyber Security Operations

We are seeking an experienced SOC Lead to head Vodafone’s Security Operations Ce...
Location
Location
India , Bangalore
Salary
Salary:
Not provided
vodafone.com Logo
Vodafone
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 8+ years in security operations, including at least 4+ years in a SOC leadership or senior incident response role
  • Proven leader of 24x7 SOC teams, with a strong track record of improving MTTT/MTTR, triage quality, and operational performance
  • Technical authority in incident response, capable of leading complex investigations and making sound decisions under pressure
  • Highly experienced with SIEM platforms such as Splunk, Microsoft Sentinel, Google SecOps, ArcSight, or QRadar, and familiar with EDR/NDR technologies
  • Skilled in driving SOC automation, SOAR, and AI-enabled capabilities, with a clear understanding of governance and responsible use
  • Knowledgeable across network, endpoint, and cloud security, with a strong grasp of attacker techniques and the MITRE ATT&CK framework
  • Analytical decision-maker who balances risk, speed, and business impact in ambiguous situations
  • Passionate about developing people and building sustainable SOC capability for the future
  • Educated to degree level in Cyber Security, Computer Science, Information Technology, or a related discipline (or equivalent practical experience)
  • Holder of relevant certifications such as GIAC, CISSP, or vendor-specific SOC certifications
Job Responsibility
Job Responsibility
  • Lead and manage 24x7 SOC operations, ensuring consistent, high-quality alert monitoring, triage, and incident response across all markets
  • Own and drive SOC service performance against key KPIs including MTTT, MTTR, triage quality, and SLA adherence, delivering measurable improvements in detection quality, response speed, and efficiency
  • Oversee the full alert lifecycle, ensuring accurate investigation, containment, escalation, and high-quality incident reporting
  • Continuously enhance detection capabilities by improving SIEM use cases, alert logic, and playbooks, reducing false positives and increasing coverage across priority threat scenarios
  • Drive the adoption of automation, SOAR, and AI-assisted capabilities to improve speed, consistency, and scalability, with appropriate governance and human oversight
  • Lead SOC transformation initiatives focused on reducing alert fatigue, streamlining workflows, and improving analyst productivity
  • Build, coach, and develop a high-performing SOC team through structured capability development, performance management, and knowledge sharing
  • Act as the final escalation point for complex or high-risk incidents, applying expert judgement to validate and close cases
  • Deliver clear, data-driven SOC performance and incident reporting to senior leadership
  • Foster a culture of continuous improvement through post-incident reviews, detection retrospectives, and operational learning
What we offer
What we offer
  • The opportunity to lead a globally impactful SOC function within a recognised Cyber Defence Centre of Excellence
  • Exposure to large-scale, complex cyber defence operations across multiple international markets
  • The chance to shape and influence the future of SOC operations through automation and AI-driven transformation
  • A collaborative, inclusive environment that supports professional growth and continuous learning
  • The ability to work with advanced security technologies and experienced cyber defence professionals
  • Fulltime
Read More
Arrow Right

Senior SOC Engineer

At Paribu, every team member plays a crucial role in driving innovation and deli...
Location
Location
Türkiye , İstanbul
Salary
Salary:
Not provided
paribu.com Logo
Paribu
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor’s degree in Computer Science, Electronics Engineering, or related fields
  • 3+ years of IT security experience and relevant SOC Operations & Incident Management skills
  • Strong verbal and written communication skills in English
  • In-depth understanding of Incident Response methodologies and taxonomy
  • Proven experience in implementing SOC tools, including design, migration, implementation, and operation
  • Proficiency in using Security Analytics for threat detection
  • Hands-on experience with Splunk Enterprise Security tools
  • Strong knowledge of log sources (Windows Event Logs, Linux Syslog, Firewalls, IPS/IDS, EDR, DLP, Cloud Environments, etc.)
  • Proficiency in Splunk SPL Queries and ability to create unique dashboards, alerts, and correlation searches
  • Passionate about security technology and staying current with industry trends
Job Responsibility
Job Responsibility
  • Continuously monitoring emerging threats and Indicators of Compromise (IOCs), and proactively implementing timely detection and prevention measures
  • Developing and implementing threat modelling maps using the MITRE ATT&CK framework
  • Acting as a Level 3 Incident Response Specialist, providing pivotal support to SOC Analysts
  • Overseeing system triage activities to ensure efficient response and resolution
  • Playing a significant role in resilience activities against cybercrimes
  • Leading major SOC modernization projects, including adopting and implementing new technologies, managing large-scale migrations, and designing end-to-end processes
  • Architecting, deploying, managing, and securing SIEM, EDR, and Threat Intelligence systems
  • Establishing advanced correlation rules for various use cases to enhance detection capabilities
  • Creating and publishing data models to facilitate ease of access and analysis for data requestors
  • Building custom solutions to address specific security challenges
What we offer
What we offer
  • Meal allowance – Generous support with a flexible meal card
  • Private health insurance – Comprehensive coverage for employees, including spouse and children
  • Commuting support – Financial support for commuting based on your office route
  • S.O.S. leave (10 days) – Additional leave days up to 10 days per year for urgent and unexpected matters, apart from annual leave
  • Birthday leave – One extra day off during your birthday month
  • Language learning support – Resources to enhance English communication skills
  • Personal development support – Budget for exploring hobbies, attending professional courses, and personal growth
  • Well-being & health platform – Access to digital health and wellness services, including mental health support, and well-being resources
  • Relocation allowance – Financial support for relocation within a 15-km radius of the Paribu’s office
  • Top-tier work equipment – High-performance devices and all the essential tools you need to do your best work
  • Fulltime
Read More
Arrow Right
New

Senior Security Analyst

Made Tech helps UK public sector organisations build and run secure, user-centre...
Location
Location
United Kingdom , Any UK Office Hub (Bristol / London / Manchester / Swansea)
Salary
Salary:
50000.00 - 60000.00 GBP / Year
madetech.com Logo
Made Tech
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Hold one of the following - Systems Security Certified Practitioner (SSCP), CompTIA Security+, or an equivalent foundational operational security credential expected of Senior SOC analysts
  • Certifications that would strengthen your application: Certified Cloud Security Professional (CCSP), CompTIA Advanced Security Practitioner (CASP+), HTB Certified Defensive Security Analyst (HTB CDSA)
  • Experience applying structured analytical techniques - ACH, key-assumptions checks, or similar, to produce rigorous, bias-resistant intelligence assessments, and comfort peer-reviewing others' analytic tradecraft
  • Working knowledge of cloud security event investigation and cloud detection tuning, particularly across AWS, Azure, or GCP environments, including understanding of infrastructure-level telemetry
  • Experience framing security findings in risk terms for non-technical stakeholders — communicating likelihood, impact, and recommended treatment clearly, and reflecting asset criticality and threat context in prioritisation decisions
  • Evidence of building or improving SOAR playbooks, automated triage workflows, or equivalent automation that reduced analyst toil in a SOC or detection-engineering context
  • Familiarity with UK government security frameworks — in particular the NCSC CAF, GovAssure, and HMG Security Policy Framework — and experience aligning detection or response work to those standards in a government or regulated environment
  • Experience working within an agile or Kanban-based team model, contributing to workflow improvement, running or participating in retrospectives, and helping the team improve its own practices — not just delivering within them
  • Experience acting as a trusted working-level contact for client security stakeholders — anchoring on their actual outcomes, raising concerns or opportunities proactively, and contributing subject-matter expertise to proposals or bids
  • Hands-on experience with at least one major SIEM platform (for example, Splunk, Microsoft Sentinel, or Elastic Security) including writing and tuning detection rules
Job Responsibility
Job Responsibility
  • Lead threat hunts and intrusion investigations
  • Author, tune, and peer-review detection content
  • Own sub-cycles of the intelligence lifecycle
  • Lead incident response and drive improvement
  • Build SOAR playbooks and auto-triage
  • Align security operations to UK public sector standards
  • Mentor junior analysts and raise team standards
  • Contribute to the practice beyond your immediate engagement
What we offer
What we offer
  • 30 days Holiday
  • Flexible Working Hours
  • Flexible Parental Leave
  • Remote Working
  • Paid counselling
  • SC Eligibility
  • Smart Tech scheme
  • Cycle to work scheme
  • Individual benefits allowance which you can invest in a Health care cash plan or Pension plan
  • Optional social and wellbeing calendar of events
  • Fulltime
Read More
Arrow Right

Senior Security Analyst

The Cyber Defense Investigations – Escalations (CDI-ESC) team is Microsoft's dee...
Location
Location
United States , Multiple Locations
Salary
Salary:
119800.00 - 234700.00 USD / Year
https://www.microsoft.com/ Logo
Microsoft Corporation
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Doctorate in Statistics, Mathematics, Computer Science, or related field OR Master's Degree in Statistics, Mathematics, Computer Science, or related field AND 3+ years experience in software development lifecycle, large-scale computing, threat modeling, cyber security, anomaly detection, Security Operations Center (SOC) detection, threat analytics, security incident and event management (SIEM), information technology (IT), or operations incident response
  • OR Bachelor's Degree in Statistics, Mathematics, Computer Science, or related field AND 4+ years experience in software development lifecycle, large-scale computing, threat modeling, cyber security, anomaly detection, Security Operations Center (SOC) detection, threat analytics, security incident and event management (SIEM), information technology (IT), or operations incident response
  • OR equivalent experience
  • Candidates must be able to meet Microsoft, customer and/or government security screening requirements are required for this role. These requirements include, but are not limited to the following specialized security screenings: Microsoft Cloud Background Check: This position will be required to pass the Microsoft Cloud background check upon hire/transfer and every two years thereafter
Job Responsibility
Job Responsibility
  • Lead deep-dive investigations into the most complex and high-severity security incidents, including root cause analysis, blast radius assessment, threat actor attribution, and impact/scope determination
  • Proactively hunt across Microsoft's cloud and identity telemetry (e.g., MSTIC, Kusto/ADX, ArmProd, ESTS) to surface emerging threats and operationalize threat intelligence into queries, notebooks, and detection logic
  • Drive cross-team response for nation-state, supply chain (npm, GitHub, OpenVSX), and identity-based compromises - partnering with MSTIC, OpsHub, Detection Engineering, Evictions, and Service teams to contain and remediate at scale
  • Translate investigation findings into durable improvements - new detections, platform fixes, playbooks, and process changes - so the same class of attack does not succeed twice
  • Raise the bar on investigation quality, contributing to documented standards, peer reviews, and measurable rigor across incidents, hunts, and forensics
  • Leverage AI and Copilot technologies to accelerate triage, evidence collection, and analysis, helping the team stay ahead of attackers operating at machine speed
  • Mentor and uplevel peers in advanced investigation techniques, threat actor tradecraft, and reverse engineering, building a strong culture of investigative excellence
  • Fulltime
Read More
Arrow Right