CrawlJobs Logo
NTT DATA Logo NTT DATA · IT - Administration

Senior SOC Analyst/ SOC Lead

India, Hyderabad · Job Posted May 26, 2026
Apply Position
Job Link Share

Job Description

The Managed Services Information Security Analyst is a seasoned subject matter expert, responsible for working with security tools and other security teams to monitor, analyze, interpret and report on the incoming client data for the purpose of delivering security information and recommendations to the clients, enabling the organization to deliver the contracted security services. This role includes performing tasks such as security incident detection and response, security event reporting, threat hunting, content maintenance (tuning) and interacting with clients to ensure their understanding of the information generated, recommending client system changes as well as answering security related queries from the clients.

Job Responsibility

  • Works as part of a global Cyber Defense Centre (CDC) team that works 24/7 on rotational shifts
  • Works with client stakeholders and relevant internal teams to tune the MSSP platform and client SIEM to enable more efficient detection, analysis and reporting
  • Monitors security tools to review and analyze security logs from client environments
  • Generates continuous improvement ideas for supported security tools/technologies, to enable improvements to the company services, employee experience and client experience
  • Adheres to SOPs, customer Run Books and standard processes to ensure a globally consistent delivery whilst also proposing changes and improvements to these standards
  • Utilizes and documents best practices and amends existing documentation as required
  • Identifies opportunities to make automations which will help the clients and security delivery teams
  • Performs security incident handling and response from several vectors including End Point Protection and Enterprise Detection and response tools, attack analysis, malware analysis, network forensics, computer forensics
  • Utilizes a broad range of skills in LAN technologies, Windows and Linux O/S's, and general security infrastructure
  • Ensures usage of knowledge articles in incident diagnosis and resolution and assists with updating as and when required
  • Performs defined tasks to inform and monitor service delivery against service level agreements and maintain records of relevant information
  • Undertakes threat hunting activities across both individual client estates, as well as cross client hunting
  • Manages unresolved incidents and follows up until incidents are resolved
  • Works closely with client delivery teams to support their activities related to client delivery
  • Cooperates closely with colleagues to share knowledge and build a cohesive and effective team environment, benefiting the individual, the business and the client
  • Performs any other related task as required

Requirements

  • Seasoned knowledge on implementation and monitoring of a company supported SIEM or security tools/technologies/concepts
  • Seasoned knowledge on security architecture, worked across different security technologies
  • Seasoned knowledge and understanding of the operation of modern computer systems and networks and how they can be compromised
  • Displays excellent customer service orientation and pro-active thinking
  • Displays problem solving abilities and is highly driven and self-organized
  • Excellent attention to detail
  • Excellent analytical and logical thinking
  • Excellent spoken and written communication abilities
  • Team player with the ability to work well with others and in group with colleagues and stakeholders
  • Ability to remain calm in pressurized situations
  • Ability to keep current on emerging trends and new technologies in area of specialization
  • Bachelor's degree or relevant qualification in Information Technology or Computing or a related field
  • Security certifications such as (but not limited to) AZ-500, SC-200, Security+, CEH, CISSP, CISM or similar Certification in different networking technologies such as CCNA, JNCIA, ACCA, PCNSA, CCSA is advantageous
  • Seasoned experience in SOC Analysis Operations
  • Seasoned experience in SIEM usage for investigations
  • Seasoned experience in Security technologies such as (but not limited to) Firewall, IPS, IDS, Proxy
  • Seasoned experience in dealing with technical support to clients
  • Seasoned experience in handling security incidents end to end
  • Seasoned experience in configuring/managing security controls, such as SIEM, Firewall, IDS/IPS, EDR, NDR, UTM, Proxy, SOAR, Honeypots and other security tools
  • Seasoned experience in Security Analysis or Engineering preferably gained within a global services organization
NTT DATA - All Job Offers

Looking for more opportunities?

Search for other job offers that match your skills and interests.

Suggested Tags: Frontend Developer Secretary Talent Manager Salesforce Administrator Data Analyst
Similar Jobs for

Senior SOC Analyst/ SOC Lead

8 matching positions

Senior Cybersecurity Analyst, Threat Hunter

Our cybersecurity and information security teams at IDEXX contribute to a more r...
Location
Location
United States , Westbrook, Maine
Salary
Salary:
120000.00 - 140000.00 USD / Year
idexx.com Logo
IDEXX
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 6–10 years of experience in cybersecurity roles
  • Minimum of 3 years dedicated specifically to threat hunting or advanced incident response
  • Bachelor’s degree in computer science, Cybersecurity, Information Technology, or a related field
  • Preferred certifications GCIH (GIAC Certified Incident Handler) and CompTIA CySA+ (Cybersecurity Analyst+) certification
  • Proven, hands-on experience using platform for EDR (Endpoint Detection and Response) and threat hunting
  • Expert-level knowledge of PowerShell Scripting, Python and EDR and SIEM query language is preferred
  • Deep understanding of incident response lifecycles, methodologies, and forensic techniques
  • Strong knowledge of networking protocols, operating systems (Windows, Linux, macOS), and common attack vectors
  • Familiarity with scripting languages (e.g., Python, PowerShell) for automation of hunting tasks is a plus
  • Exceptional analytical and problem-solving skills with keen attention to detail
Job Responsibility
Job Responsibility
  • Proactively hunt for indicators of compromise (IOCs) and advanced persistent threats (APTs) across the network, endpoints, and cloud environments using threat intelligence and a hypothesis-driven methodology
  • Conduct in-depth analysis of security events, network traffic, and endpoint data to identify malicious activity and potential breaches
  • Utilize the SIEM and EDR platform extensively, applying expert knowledge of the scripting, SIEM and EDR query language to perform complex searches and data analysis
  • Lead and participate in incident response activities, including containment, eradication, and recovery efforts, serving as a primary escalation point for critical security incidents
  • Develop and refine threat hunting playbooks, procedures, and detection rules to improve the security team’s efficiency and effectiveness
  • Collaborate with the security engineering and security operations center (SOC) teams to integrate new threat intelligence and enhance existing security tools and controls
  • Mentor junior analysts and contribute to the ongoing improvement of the organization's overall security posture
What we offer
What we offer
  • Opportunity for annual cash bonus
  • Health / Dental / Vision Benefits Day-One
  • 5% matching 401k
  • Additional benefits including but not limited to financial support, pet insurance, mental health resources, volunteer paid days off, employee stock program, foundation donation matching
  • Fulltime
Read More
Arrow Right

Senior Cybersecurity Incident Response Analyst

You will work as a Senior Cybersecurity Incident Response Analyst as part of Hew...
Location
Location
Ireland , Galway
Salary
Salary:
Not provided
https://www.hpe.com/ Logo
Hewlett Packard Enterprise
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor's degree (or equivalent work experience) required, preferably in computer science, engineering or related area of study
  • typically 4+ years of relevant experience
  • SOC team/Incident response analyst experience is required
  • proven track record of leading complex cybersecurity initiatives and managing ambiguous incidents
  • advanced understanding of adversary tactics, techniques, and procedures (TTPs)
  • advanced Cyber and IT security knowledge
  • advanced understanding of Cyber and IT security risks, best practices, threats and prevention measures as well as containment and remediation actions
  • advanced understanding of SQL and relevant scripting languages
  • advanced data security system analysis skills
  • advanced risk assessment and management skills
Job Responsibility
Job Responsibility
  • Lead and coordinate responses to the most complex cybersecurity incidents, guiding cross-functional teams through containment, eradication, and recovery
  • analyze associated logs and respond to high severity incidents
  • suggest automation opportunities to enhance IR
  • mentor and provide technical guidance to less experienced cybersecurity professionals
  • stay at the forefront of cybersecurity trends, threats, and technologies
  • foster a culture of continuous improvement and innovation
  • encourage the adoption of new technologies and methodologies
  • provide insight and guidance through after action reviews working with stakeholders.
What we offer
What we offer
  • Comprehensive suite of benefits supporting physical, financial and emotional wellbeing
  • programs for professional and personal career development
  • unconditional inclusion and flexibility to manage work and personal needs.
  • Fulltime
Read More
Arrow Right

Senior Information Security Compliance Analyst

We're looking for a technically grounded Senior IS Compliance Analyst who speaks...
Location
Location
United States , Chicago
Salary
Salary:
90000.00 - 130000.00 USD / Year
blumeglobal.com Logo
Blume Global
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Hands-on experience in technical security roles such as Security Operations, Incident Response, Security Analysis, penetration testing, or similar
  • Practical knowledge of security tools, SIEM platforms, vulnerability management, and security monitoring
  • and ability to read and understand security logs, configurations, and technical documentation
  • 6+ years of total experience with significant time in GRC
  • Working knowledge of ISO 27001, NIST frameworks, SOC 1/2, and GDPR requirements
  • Experience developing and implementing information security policies and controls
  • ISO 27001:2022 Lead Implementer and Lead Auditor certification
Job Responsibility
Job Responsibility
  • Lead technical security assessments and integration of acquired companies, mapping their security architectures and controls to our GRC frameworks, identifying gaps, and building remediation roadmaps that address both technical security and compliance alignment
  • Bridge technical security and business stakeholders by evaluating risks through a technical lens, working alongside security engineering teams to translate GRC requirements into practical security measures, and communicating effectively across technical and non-technical audiences
  • Develop and harmonize security policies and control frameworks across acquired entities, ensuring they're both audit ready and operationally sound, while translating between technical security requirements and governance documentation
  • Own customer security questionnaire responses by leveraging your hands-on security background to provide detailed, accurate answers and collaborating with infrastructure, application security, and operations teams to gather technical evidence
  • Drive continuous improvement of our GRC program through technical security enhancements, meaningful security and compliance metrics, and process improvements that increase both control effectiveness and operational efficiency
What we offer
What we offer
  • health and welfare benefits
  • tuition assistance
  • 401K savings and other retirement programs
  • employee assistance programs
Read More
Arrow Right

SOC Operations Manager

This is an exceptional opportunity to lead, shape, and elevate a Security Operat...
Location
Location
United Kingdom , Hemel Hempstead
Salary
Salary:
80000.00 - 90000.00 GBP / Year
thepeoplenetwork.co.uk Logo
Fynity
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Proven experience leading SOC operations in a 24×7 or multi-client environment
  • Strong background in incident management, threat detection, and escalation processes
  • Technical depth across SIEM/SOAR tooling, preferably Splunk or Microsoft Sentinel
  • A passion for developing teams — coaching analysts and building collaborative, high-performing cultures
  • Strong understanding of frameworks and standards such as NIST, MITRE ATT&CK, ISO 27001, CREST, and ITIL
  • Excellent communication skills, with the ability to translate technical risks into clear business impacts
  • Security Clearance – Willing and Able to go through the DV process
  • Have held budgetary responsibility
Job Responsibility
Job Responsibility
  • Lead and develop a skilled SOC team, inspiring a culture of continuous learning and technical excellence
  • Oversee the full lifecycle of security incidents — from detection through to resolution and review
  • Manage and optimise SIEM and SOAR platforms (Splunk, Sentinel, Elastic) to enhance detection and automation capabilities
  • Drive continuous improvement through ITIL-aligned processes and adherence to CREST standards
  • Oversee vulnerability management, threat intelligence, and incident response plans
  • Communicate security posture, risks, and incident outcomes clearly to senior stakeholders
  • Ensure operational readiness and contribute to maintaining industry accreditations
  • Fulltime
Read More
Arrow Right

Senior SOC Analyst

We are working with a leading UK IT solutions and managed services provider that...
Location
Location
United Kingdom
Salary
Salary:
50000.00 GBP / Year
dynamicsearch.co.uk Logo
Dynamic Search Solutions
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Strong background in SOC operations, digital forensics, incident response or threat detection
  • Experience leading complex security investigations and responding to high severity incidents
  • Advanced experience working with SIEM platforms, ideally Microsoft Sentinel and Defender XDR
  • Strong KQL knowledge for threat hunting and detection development
  • Experience using scripting languages such as Python or PowerShell for automation
  • Familiarity with digital forensics and investigation tools such as Velociraptor, KAPE or sandbox environments
  • Excellent written and verbal communication skills with the ability to present technical findings clearly
  • Comfortable mentoring junior team members and contributing to team development
Job Responsibility
Job Responsibility
  • Incident Response & Forensics: Lead complex security incidents from detection to remediation, coordinate containment, analyse attacker activity, and support client decision-making during high-severity events
  • Threat Hunting & Detection Engineering: Proactively hunt for threats using advanced KQL analytics, tune SIEM/EDR detections, and develop signatures aligned with MITRE ATT&CK
  • Malware Analysis & Reverse Engineering: Perform malware triage and behavioural analysis, using reverse-engineering tools when required
  • Client Reporting & Communication: Produce clear, high-quality investigation reports, timelines, and intelligence summaries for both technical and non-technical audiences
  • SOC Leadership & Continuous Improvement: Contribute to SOC playbooks, mentor junior analysts, support onboarding of new clients, and enhance processes and tooling
  • On-Call Support: Participate in the 24×7 on-call rota to provide expert support during critical incidents
What we offer
What we offer
  • Fully remote working across the UK
  • Competitive salary with additional benefits depending on experience
  • Opportunity to work within a mature and well supported Security Operations environment
  • Ongoing professional development and training opportunities
  • Exposure to a wide range of client environments and security challenges
  • Supportive culture with a strong focus on collaboration and continuous improvement
  • Fulltime
Read More
Arrow Right

Senior Security Engineer

Truveta is the world’s first health provider led data platform with a vision of ...
Location
Location
United States , Seattle
Salary
Salary:
135000.00 - 180000.00 USD / Year
truveta.com Logo
Truveta
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor’s degree in Cyber Security, Computer Science, Information Security, Information Systems, or a related field, or equivalent practical experience
  • 5+ years of experience in Security Operations (SOC), Incident Response, or Detection & Response role, with demonstrated ownership of complex security incidents
  • Hands-on experience with Microsoft Sentinel (SIEM) and Microsoft Defender XDR (Defender for Endpoint, Identity, Office 365, Cloud Apps)
  • Proficiency in KQL (Kusto Query Language) for investigations, threat hunting, and detection engineering
  • Experience designing, tuning, and maintaining SIEM detections and SOAR automation, including alert triage and response workflows
  • Solid understanding of Azure cloud architecture, core services, and native security controls
  • Familiarity with Azure Entra ID, identity security concepts, RBAC, and IAM-related threats
  • Experience with handing high-severity security incidents, including cross-team coordination and stakeholder communication
  • Familiarity with MITRE ATT&CK, threat actor techniques, and modern attack methodologies across cloud, identity, and endpoint environments
  • Experience supporting on-call rotations and working in a 24/7 or follow-the-sun SOC environment
Job Responsibility
Job Responsibility
  • Incident Response: Handle investigation and response to security incidents across endpoints, identities, email, cloud workloads, and SaaS applications
  • Act as a senior escalation point for SOC analysts during complex or ambiguous security events
  • Participate in on-call rotations and provide senior-level escalation support when needed
  • Lead or contribute to post-incident reviews (RCA, postmortems) and track remediation actions to completion
  • Ensure incidents are accurately documented for audit, compliance, and operational learning
  • Maintain and improve incident response runbooks, playbooks, and escalation procedures
  • Support incident readiness activities, including tabletop exercises and response drills
  • Detection Engineering & Automation: Develop, tune, and maintain Microsoft Sentinel analytics rules to improve detection quality and reduce false positives
  • Design and optimize KQL queries for investigations, threat hunting, and detection engineering
  • Integrate and maintain log sources and data connectors in Microsoft Sentinel, ensuring data quality and proper normalization
What we offer
What we offer
  • Interesting and meaningful work for every career stage
  • Great benefits package
  • Comprehensive benefits with strong medical, dental and vision insurance plans
  • 401K plan
  • Professional development & training opportunities for continuous learning
  • Work/life autonomy via flexible work hours and flexible paid time off
  • Generous parental leave
  • Regular team activities (virtual and in-person)
  • Fulltime
Read More
Arrow Right

Senior SOC Analyst

We are seeking a Senior SOC Analyst to lead advanced security monitoring, incide...
Location
Location
South Africa , South Africa
Salary
Salary:
Not provided
overturerede.in Logo
Overture Rede
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor’s degree in Cybersecurity, Information Technology, or a related field
  • 3–5 years of experience in SOC operations, incident response, or advanced security monitoring roles
  • One or more of the following advanced certifications: GIAC GCFA (Forensic Analyst) or GNFA (Network Forensics Analyst) GIAC GCTI (Cyber Threat Intelligence) GIAC GSOC (Security Operations Certified) CREST Registered Intrusion Analyst (CRIA) Advanced tool/vendor certifications (e.g., Splunk Enterprise Security Admin, Elastic Security Specialist)
  • Strong expertise in digital forensics, incident handling, and threat intelligence
  • Advanced knowledge of MITRE ATT&CK and threat actor TTPs
  • Proficiency in SIEM query languages (SPL, KQL, Lucene)
  • Experience working in 24×7 enterprise or MSSP SOC environments
  • Strong reporting, documentation, and stakeholder communication skills
Job Responsibility
Job Responsibility
  • Lead advanced incident response activities, including containment, eradication, and recovery
  • Perform digital and network forensic investigations to support incident analysis
  • Conduct proactive threat hunting and advanced detection engineering
  • Analyze threat intelligence and correlate with internal security events
  • Design, tune, and optimize SIEM and SOAR use cases and detection rules
  • Serve as an escalation point for complex security incidents
  • Provide mentorship and technical leadership to junior and intermediate SOC analysts
  • Develop SOC playbooks, procedures, and post-incident reports
  • Collaborate with security architecture and risk teams to improve security posture
What we offer
What we offer
  • Higher responsibility than junior role
  • Career growth opportunity
  • Strong job security
  • Fulltime
Read More
Arrow Right

Senior SOC Analyst

In Cyclad we work with top international IT companies in order to boost their po...
Location
Location
Salary
Salary:
Not provided
cyclad.pl Logo
Cyclad Sp. z o.o.
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 5+ years of experience in a SOC or cybersecurity operations role
  • Strong experience with SIEM platforms (e.g., Splunk, IBM QRadar, Microsoft Sentinel)
  • Hands-on experience with EDR/XDR solutions (e.g., CrowdStrike, Microsoft Defender, SentinelOne)
  • Solid understanding of network protocols, system logs, and security event analysis
  • Experience with threat intelligence platforms and frameworks (e.g., MITRE ATT&CK)
  • Proficiency in analyzing logs from Windows, Linux, and cloud environments
  • Familiarity with scripting (e.g., Python, PowerShell) for automation and analysis
  • Strong analytical, problem-solving, and decision-making skills
  • Fluent English, both written and spoken
Job Responsibility
Job Responsibility
  • Monitor, analyze, and respond to security events and incidents using SIEM and other security tools
  • Lead incident response activities, including investigation, containment, eradication, and recovery
  • Perform advanced threat hunting and detection engineering
  • Develop and tune detection rules and use cases to improve SOC effectiveness
  • Analyze malware, phishing campaigns, and emerging threats
  • Coordinate with IT, engineering, and external stakeholders during security incidents
  • Mentor and support junior SOC analysts
  • Create and maintain incident response playbooks and documentation
  • Participate in on-call rotation and handle escalated security alerts
  • Ensure compliance with internal policies and industry standards
What we offer
What we offer
  • Private medical care with dental care (covering 70% of costs)
  • Family package option possible
  • Multisport card (also for an accompanying person)
  • Life insurance
  • Work with talented engineers on large-scale, technically challenging projects
  • Fulltime
Read More
Arrow Right