SOC Analyst
You will review and triage security alerts across endpoints, applications, SaaS and cloud infrastructure. You will write and tune detection rules to reduce false positives, escalate and assist in incident response, run projects to improve monitoring, and collaborate with Engineering and IT. Expect regular business hours with occasional evenings and weekend coverage and onsite work in the Bangalore office.
Responsibilities
- Review and triage security alerts
- Tune rules to reduce false positives
- Write new detection rules to cover MITRE ATT&CK techniques
- Escalate potential incidents
- Assist in incident response activities
- Run projects end to end to improve security monitoring
- Work with Engineering and IT on visibility coverage and detection
Requirements
- 4+ years responding to alerts or similar role
- Familiar with MITRE ATT&CK framework
- Comfortable writing and tuning detection rules
- Experience triaging alerts and determining if an event is an incident
- Exposure to application, SaaS, cloud and endpoint logs
- Strong communication skills with technical and non-technical audiences
- Prefer candidates who have detected a real-life security incident
Benefits
- IT equipment support
- Meal and commute allowance
- Medical insurance
- Well-being allowance
- On-site snacks in the Bangalore office