Job Description
Analyst Level 3 - Security Operations Centre (SOC)
Ways of working: Full-time with rotational shifts and mandatory work from office
Location: Embassy Tech Village, Bangalore
Year of Experience: 5+ years in a SOC or security operations environment, with at least 2 years in a senior or advanced analyst role.
ABOUT THE TEAM & ROLE:
As a Level 3 Security Operations Centre (SOC) Analyst, you will be responsible for identifying, analyzing, and responding to security incidents and threats within an organization's IT infrastructure. This senior role demands a high level of expertise in security operations, threat analysis, and incident response. You will work closely with other teams, including Level 1 and Level 2 analysts, management, and engineering, to ensure the security of the organization's network and systems. Your work will contribute to detecting and mitigating advanced cyber threats, ensuring that the organization remains protected against emerging risks.
What will you get to do here?
Incident Response & Investigation:
- Lead investigations of complex security incidents, including intrusion detection, malware analysis, and vulnerability exploitation.
- Perform in-depth analysis of security incidents to determine their scope, impact, and method of attack.
- Take immediate and appropriate action to contain, mitigate, and resolve security threats.
Threat Hunting:
- Proactively hunt for hidden threats and vulnerabilities within the organization's systems and networks.
- Analyze logs and data from multiple sources (e.g., firewalls, intrusion detection systems, antivirus solutions) to identify patterns indicative of malicious activity.
- Utilize advanced threat intelligence to stay ahead of potential attackers and new attack vectors.
Security Monitoring & Analysis:
- Oversee and manage security monitoring tools to detect potential security incidents and vulnerabilities.
- Analyze alerts and reports generated by various security tools, ensuring accuracy and appropriateness.
- Ensure the effective operation and tuning of SIEM (Security Information and Event Management) systems, IDS/IPS, and other security technologies.
- Identify and define new detection use cases and modify existing ones.
Collaboration & Knowledge Sharing:
- Mentor and provide guidance to junior analysts (Level 1 and Level 2) in incident handling, investigation, and security best practices.
- Collaborate with IT, network, and engineering teams to resolve security issues and implement proactive security measures.
- Document incidents and maintain accurate records for reporting and auditing purposes.
Reporting & Documentation:
- Generate detailed post-incident reports that include findings, recommendations, and remediation steps.
- Assist in the development and maintenance of SOC procedures, playbooks, and security policies.
- Report trends and emerging threats to senior management and stakeholders.
- Create and maintain standard operating procedures (SOPs), playbooks, and runbooks.
- Lead root cause analysis and develop lessons-learned documentation post-incident.
Continuous Improvement:
- Stay up to date on the latest cybersecurity threats, trends, and technologies.
- Contribute to the development and improvement of incident response plans and security protocols.
- Participate in security training programs to continually enhance skills and capabilities.
What qualities are we looking for?
- Education: Bachelor's degree in Computer Science, Information Security, or related field, or equivalent experience.
- Experience: 5+ years of experience in a SOC or security operations environment, with at least 2 years in a senior or advanced analyst role.
- Technical Skills:
- Strong experience with security tools and SaaS applications, including SIEM (Splunk, QRadar, etc.), EDR (SentinelOne), IDS/IPS, firewalls, endpoint protection, DLP, Active Directory/Azure AD and vulnerability scanners.
- Expertise in incident response, digital forensics, and malware analysis.
- Deep understanding of security frameworks, methodologies, and best practices (NIST, ISO 27001, MITRE ATT&CK, etc.).
- Knowledge and experience of common operating systems (Windows, Mac, Linux) and networking protocols (TCP/IP, HTTP, DNS, etc.).
- Advanced understanding of cyber threats and attack vectors, including APTs (Advanced Persistent Threats), ransomware, DDoS, and insider threats.
- Familiarity with cloud security environments and services (AWS, Azure, GCP).
- Skills & Abilities:
- Strong written and verbal communication skills, with the ability to report findings to both technical and non-technical stakeholders.
- Ability to work well under pressure and manage multiple tasks simultaneously.
- Relevant certifications such as CISSP, CISM, CEH, GIAC, or similar are a plus.
- Desired Skills:
- Experience with threat intelligence platforms and frameworks.
- Proficiency in scripting or automation (Python, PowerShell, etc.) for threat detection and incident response tasks.
- Experience with network traffic analysis tools (Wireshark, tcpdump, etc.).
- Knowledge of forensic tools and techniques.
- Familiarity with security incident management platforms (ServiceNow, Remedy, Jira, Freshdesk, etc.).
- Preferred Certifications:
- CompTIA Security+
- EC-Council Certified SOC Analyst (CSA)
- CompTIA Cybersecurity Analyst (CySA+)
- EC-Council SOC Essentials (S|CE)
- ISACA - CCOA
- GIAC Security Operations Certified (GSOC)
- GIAC Certified Incident Handler (GCIH)
- GIAC Certified Intrusion Analyst (GCIA)
- (ISC)² Systems Security Certified Practitioner (SSCP)
- GIAC Cyber Threat Intelligence (GCTI)
- GIAC Certified Forensic Analyst (GCFA) / GIAC Cloud Forensics Responder (GCFR)
- AWS Certified Security - Specialty / Certified Cloud Security Professional (CCSP)
Visit our tech blogs to learn more about some of the challenging problem statements the team works on:
- https://bytes.swiggy.com/engineering-challenges-at-swiggy-430dea6c86a3
- https://bytes.swiggy.com/the-swiggy-delivery-challenge-part-one-6a2abb4f82f6
- https://bytes.swiggy.com/what-serviceability-means-at-swiggy-c94c1aad352a
- https://bytes.swiggy.com/architecture-and-design-principles-behind-the-swiggys-delivery-partners-app-4db1d87a048a
- https://bytes.swiggy.com/swiggy-distance-service-9868dcf613f4
- https://bytes.swiggy.com/the-tech-that-brings-you-your-food-1a7926229886
We are an equal opportunity employer and all qualified applicants will receive consideration for employment without regard to race, colour, religion, sex, disability status, or any other characteristic protected by the law.
Job Classification
Industry: Internet
Functional Area / Department: IT & Information Security
Role Category: IT Security
Role: Security Engineer / Analyst
Employment Type: Full time
Contact Details:
Company: Swiggy
Location(s): Bengaluru
Keyskills:
threat analysis
digital forensics
security operations
risk management
soc
ceh
siem
tools
cissp
cism
incident response
malware analysis
scripting
security
automation
flexible
teamwork
gcp
saas applications
security+
splunk
cisa
certified
communication skills