SOC Analyst L3

OcIT -
Gurugram, Haryana

Quick apply

Job details

Qualifications

Microsoft Windows Server
Windows
CEH
Firewall
DHCP
Analysis skills
NIST standards
IDS
DNS
SIEM
Log analysis
CompTIA Security+
Communication skills
Active Directory
Network security
VPN

Full job description

SOC Analyst L3 (Security Operations Analyst L2 & L3) – Summary

We are seeking an experienced SOC Analyst L3 to join a 24x7 Security Operations / Command Center environment. The role focuses on advanced incident investigation, escalation management, threat analysis, and security operations across enterprise infrastructure. The candidate will handle complex security incidents, lead response coordination, and support SOC L2 teams in detection, triage, and remediation activities.

Roles & Responsibilities

Security Operations (24x7 SOC Environment)

Monitor and respond to security alerts in a 24x7 SOC/Command Center setup
Oversee advanced triage and incident analysis activities
Ensure timely detection, response, and containment of security threats

Incident Investigation & L3 Escalation Handling

Take ownership of complex and high-severity security incidents escalated from L2
Perform deep-dive forensic analysis and root cause identification
Coordinate containment, eradication, and recovery actions
Work closely with infrastructure, network, and application teams for remediation

SIEM, EDR & Threat Analysis

Perform advanced log analysis and threat detection using SIEM tools such as:
- Seceon Open Threat Management
- Microsoft Sentinel
- Wazuh
Utilize EDR solutions for endpoint investigation and response
Analyze network, endpoint, identity, and cloud security events
Apply threat intelligence and IOC-based investigation techniques

Windows & Infrastructure Security

Administer and troubleshoot Windows Server environments:
- Active Directory
- GPO
- DNS
- DHCP
Identify and resolve system-level security issues in enterprise environments
Support identity and access-related investigations

Network Security Operations

Support firewall rule analysis and security validation
Troubleshoot VPN connectivity and configuration issues
Monitor IDS/IPS alerts and investigate suspicious activities
Collaborate with network teams for incident containment

Threat Hunting & Proactive Security

Participate in proactive threat hunting activities
Identify anomalies across logs, endpoints, and network traffic
Assist in vulnerability remediation and patch coordination
Improve detection capabilities and SOC maturity

Incident Documentation & Reporting

Maintain detailed incident records, timelines, and investigation reports
Create and update SOC playbooks and response procedures
Provide structured reporting for stakeholders and leadership
Ensure proper shift handover documentation and continuity

Compliance & Security Governance

Ensure adherence to security policies, frameworks, and regulatory standards
Support compliance requirements aligned with NIST and SANS frameworks
Contribute to audit readiness and control validation activities

Required Skills & Experience

7+ years of SOC / Command Center experience (L2/L3 exposure)
Strong hands-on experience in security monitoring and incident response
Expertise in SIEM platforms (especially Seceon-based environments preferred)
Strong understanding of:
- Windows Server Administration
- Network Security fundamentals
Experience with log analysis, threat detection, and incident response frameworks (NIST, SANS)
Strong analytical, communication, and problem-solving skills
Ability to handle high-pressure 24x7 environments

Preferred Certifications

CompTIA Security+
CEH (Certified Ethical Hacker)
Microsoft Certified: Security Operations Analyst Associate

Core Competencies

Advanced Incident Response & RCA
Threat Detection & Security Monitoring
SIEM & EDR Expertise
Windows & Identity Security
Network Security Operations
Threat Hunting & Analysis
Escalation & Stakeholder Management
Documentation & SOC Process Maturity
Analytical Thinking & Problem Solving

Quick apply