Job Title: T&T | Cyber : D&R | SIEM | Assistant Manager | Mumbai
SOC – L2, Mumbai
6–8 years of experience
CEH plus any relevant OEM (vendor) certification.
Detailed JD:
· Perform in-depth investigation of security alerts escalated by L1 analysts.
· Distinguish true positives from false positives through log correlation and forensic analysis.
· Conduct initial containment, eradication, and recovery steps for confirmed incidents.
· Escalate high-severity or complex incidents to L3 / IR teams with complete analysis.
· Perform proactive threat hunting using SIEM, EDR, and threat intelligence platforms.
· Identify emerging attack techniques and indicators of compromise (IOCs).
· Document and share findings to enhance organizational threat detection capability.
· Review, refine, and tune SIEM detection rules and correlation logic to reduce false positives.
· Collaborate with engineering teams to ensure log completeness and accuracy.
· Recommend improvements to automation playbooks (SOAR).
· Guide and mentor SOC L1 analysts for effective triage and initial response.
· Work closely with resolver teams (Network, Server, Cloud, Application) for incident remediation.
· Engage with threat intelligence teams to correlate alerts with global threat activity.
· Maintain detailed incident investigation reports and update the incident tracking system.
· Prepare incident summaries and post-incident analysis reports (RCA).
· Contribute to shift handover reports and metrics (MTTD, MTTR, case volume; i.e., mean time to detect, mean time to respond, and number of cases handled).