Security Operations Center Analyst

Tier 1–2 SOC Analyst) – Security Operations & Vulnerability Management

Overview

As part of our growing global Security Operations capability and in support of our eDocs acquisition, we are seeking a Tier 1–2 SOC Analyst located in Hyderabad India. This role will help ensure continuous coverage for security monitoring, investigation, vulnerability management, and secure operations during India business hours. The analyst will monitor critical security platforms, investigate security events, and collaborate with Engineering teams to triage and remediate vulnerabilities identified through vulnerability management (VM) and static code analysis tooling.

This role is ideal for someone with strong analytical skills, a security-first mindset, and the ability to collaborate effectively with technical teams and end users.

Key Responsibilities

Security Monitoring & Incident Response

• Monitor day-to-day alerts and activities across:
• Entra ID (Identity & Access security events)
• Cortex XDR (endpoint detection and response)
• Elastic SIEM (log analysis, correlation, and threat detection)
• KnowB4 / email security tooling (phishing reports, training metrics, suspicious email escalations)
• Perform initial triage, classification, and prioritization of security alerts.
• Conduct Tier 1–2 investigations, including:
• Reviewing logs and telemetry across multiple platforms
• Identifying potential threats or anomalies
• Taking initial containment or remediation steps based on SOC playbooks
• Escalate complex cases to senior SOC analysts or incident responders, providing clear documentation and analysis.
• Track and follow up on incidents to ensure timely closure and lessons learned.

Vulnerability Management & Secure Engineering Support

• Assist Engineering teams by reviewing and validating vulnerability findings from:
• Vulnerability Management (VM) scanning tools
• Static Application Security Testing (SAST) / static code analysis platforms
• Help teams understand severity, exploitability, and recommended remediation paths.
• Collaborate with Engineering to ensure vulnerabilities are prioritized, assigned, and remediated within established SLAs.
• Support vulnerability verification and retesting as required.
• Contribute to secure development and deployment best practices by providing security guidance and explaining findings in clear, actionable terms.

Regional Security Support (Hyderabad Time Zone)

• Serve as the primary security point of contact for India-based employees and Engineering teams.
• Provide timely assistance in responding to local security events, access concerns, or phishing incidents.
• Help foster a culture of security awareness by guiding users on safe practices and escalating patterns of risky behavior.
• Ensure round-the-clock operational coverage by handing off incidents to other time-zone teams as needed.

Required Skills & Qualifications

• 1–3 years of experience in SOC operations, cybersecurity, or IT security roles.
• Hands-on experience with:
• Identity security tools such as Microsoft Entra ID
• EDR platforms such as Cortex XDR
• SIEM technologies (Elastic SIEM preferred)
• Email security tools, phishing analysis, or KnowBe4
• Basic to intermediate understanding of:
• Cybersecurity attack methods, malware behavior, and threat actor tactics
• Networking, Windows/Linux systems, and cloud concepts (Azure/AWS)
• Familiarity with vulnerability scanning tools (e.g., Qualys, Tenable, or similar).
• Exposure to static code analysis or application security is a plus.
• Strong analytical, communication, and documentation skills.
• Ability to work autonomously and collaboratively within an international SOC model.

Preferred Qualifications

• Relevant security certifications (e.g., Security+, CySA+, Azure Security Engineer, Elastic certifications).
• Experience working in a global or follow-the-sun SOC environment.
• Prior work supporting Engineering teams or DevSecOps initiatives.

What We Offer

• Opportunity to shape and enhance the security posture of a critical new acquisition (eDocs).
• Work in a modern SOC with leading technologies across identity, endpoint, SIEM, and application security.
• Collaboration with experienced SOC, Security Engineering, and DevSecOps professionals globally.
• Growth opportunities in incident response, threat hunting, and application security.