Greenlight Planet

Security Operations Center Analyst

Greenlight Planet  •  Republic of India (Remote)  •  3 hours ago
Apply
AI can make mistakes so check important info. Chat history is never stored.

Job Description

Security Operations Center Analyst

Department: Global Analytics and Technology

Employment Type: Permanent - Full Time

Location: India

Job location: Remote

About the role:
The Security Operations Center (SOC) Analyst is responsible for operating and continuously enhancing Sun King's Security Operations Center. This role focuses on threat detection, threat hunting, incident response, digital forensics, and security automation across cloud, endpoint, identity, and enterprise environments. The SOC Analyst plays a key role in protecting Sun King's digital assets through effective monitoring, rapid response, and continuous improvement of SOC capabilities.


What you will be expected to do


  • Monitor, triage, and investigate security events across AWS, endpoint security platforms, Google Workspace, identity providers, and other enterprise security solutions.
  • Review and analyze threat intelligence feeds, Indicators of Compromise (IOCs), Indicators of Attack (IOAs), and MITRE ATT&CK Tactics, Techniques, and Procedures (TTPs) to validate detections, improve monitoring, and enhance detection use cases.
  • Enrich security investigations using OSINT, domain intelligence, and threat intelligence sources to identify malicious activity and support attribution.
  • Correlate telemetry from endpoints, networks, cloud environments, identity platforms, SIEM, EDR, and other security tools to build comprehensive investigation context and identify threats.
  • Design, develop, maintain, and optimize SIEM/SOAR detection rules, playbooks, dashboards, and alerts. Onboard and validate new log sources to ensure complete and normalized visibility.
  • Perform proactive threat hunting and endpoint/cloud forensics to identify previously undetected threats, determine scope and root cause, and provide evidence to support incident response.
  • Lead end-to-end incident response activities, including triage, investigation, containment, eradication, recovery, root cause analysis (RCA), reporting, and maintenance of incident response playbooks and standard operating procedures.
  • Monitor and recommend security improvements across AWS services, including CloudTrail, GuardDuty, Security Hub, IAM, VPC Flow Logs, CloudWatch, and AWS Config, to detect suspicious activity and misconfigurations.
  • Investigate identity-related threats using authentication logs, privileged account activity, and collaboration platform audit logs.
  • Administer, integrate, and perform health checks for SIEM, SOAR, EDR, and related security technologies to ensure reliable security operations.
  • Develop and maintain security automation, internal tools, and integrations using Python, PowerShell, Bash, APIs, and webhooks to improve investigation and response efficiency.
  • Maintain and optimize threat intelligence repositories, IOC watchlists, enrichment workflows, and dashboards, translating intelligence into improved detections and alert tuning.
  • Support vulnerability management by reviewing findings, validating remediation efforts, and contributing to risk-based prioritization.
  • Prepare clear and concise incident reports, root cause analysis documents, threat intelligence summaries, executive updates, and SOC performance metrics.
  • Collaborate with Infrastructure, Cloud, IT, and Engineering teams to implement security controls, strengthen detections, and coordinate incident response activities.
  • Evaluate and implement AI-assisted security workflows to improve threat detection, alert triage, investigations, and incident response.
  • Continuously assess and enhance SOC architecture, monitoring strategy, KPIs/KRIs, automation, and overall SOC maturity in alignment with industry best practices.


You might be a strong candidate if you have/are

  • 3–6 years of experience in Security Operations, including threat detection, incident response, threat hunting, and digital forensics across cloud and enterprise environments.
  • Demonstrated experience managing high-severity security incidents and improving SOC capabilities through process improvements, automation, and measurable operational metrics.
  • Experience building AI- or LLM-assisted SOC workflows for alert triage, investigation summarization, and multi-source threat correlation while validating AI-generated outputs for accuracy.
  • Familiarity with AI security frameworks and threat models such as MITRE ATLAS and the OWASP Top 10 for LLM Applications.
  • Proficiency in Python, PowerShell, Bash, and REST APIs to develop automation, detection content, playbooks, and security workflows.
  • Experience integrating security technologies, managing log pipelines, and implementing automation that balances operational efficiency with appropriate human oversight.
  • Strong interest in emerging threats, attacker techniques, and defensive strategies, with a commitment to continuous learning and professional development.
  • Demonstrated ownership, problem-solving ability, and commitment to protecting organizational assets while enabling secure business operations.
  • Bachelor's degree in Computer Science, Information Security, Cybersecurity, or a related discipline, or equivalent practical experience.
  • Professional security certifications such as OSCE, CRTP, SC-200, or equivalent are preferred.
  • Strong written and verbal communication skills, with the ability to collaborate effectively across technical and non-technical teams.

What Sun King offers

  • Professional growth in a dynamic, rapidly expanding, high-social-impact industry
  • An open-minded, collaborative culture made up of enthusiastic colleagues who are driven by the challenge of innovation towards profound impact on people and the planet.
  • A truly multicultural experience: you will have the chance to work with and learn from people from different geographies, nationalities, and backgrounds.
  • Structured, tailored learning and development programs that help you become a better leader, manager, and professional through the Sun King Center for Leadership.
Greenlight Planet

About Greenlight Planet

Powering access to brighter lives in Africa, Asia, and beyond

Industry
Hardware & Semiconductors
Company Size
1,001-5,000 employees
Headquarters
Chicago, Illinois
Year Founded
2009
Social Media