Job Description

SOC Engineer L3 Job Responsibilities: - Annual compensation of 12 lakhs - Remote working

Candidate with about 5 to 6 years of experience and is a Level 2 engineer and can be considered for entry L3 now.

A Level 3 SOC Engineer is usually considered a slightly senior position, focusing on the most complex security challenges, strategy development, and leadership within the SOC team. Here are the combined responsibilities:

1. SIEM and Network Security Administration Implement and administer the Security Information and Event Management (SIEM) system, network security hardware, and software. Identify system vulnerabilities and develop strategies to mitigate them.
2. Vulnerability Mitigation and Documentation Develop solutions to address identified vulnerabilities. Create and maintain standard operating procedures and protocols to ensure consistent and secure operations.
3. Device Onboarding and Log Management Handle device onboarding and manage logs effectively by developing and maintaining log parsers to ensure comprehensive monitoring.
4. SIEM Maintenance and Troubleshooting Provide installation, maintenance, upgrades, and troubleshooting for the SIEM solution and its components across all functional departments.
5. Flexibility in Duties Take on varied responsibilities, including covering for absences or balancing workload, which may involve working in different areas of the SOC.
6. Cloud and Network Security Monitoring Detect and respond to malicious activities on cloud systems, SaaS, workstations, servers, and networks, ensuring comprehensive security coverage.
7. Threat Detection Optimization Optimize threat detection tools for DLP, SIEM, EDR, antivirus, cloud security, and intrusion detection systems, among other technologies, to enhance security posture.
8. Event Analysis and Escalation Response Review and respond to escalated security events, ensuring timely and effective incident resolution.
9. Proactive Threat Hunting Engage in proactive threat hunting to identify and mitigate potential threats before they impact the environment.
10. Signature Development and System Tuning Write detection signatures, tune systems and tools, develop automation scripts, and create correlation rules to improve detection and response capabilities.
11. Adversary TTP Knowledge Maintain up-to-date knowledge of adversary tactics, techniques, and procedures to anticipate and counteract potential threats.
12. Forensic Analysis Conduct in-depth forensic analysis on affected systems and coordinate with third-party resources as needed for advanced investigations.
13. Communication and Reporting Provide timely and relevant updates to stakeholders and decision-makers, ensuring they are informed of current security postures and incident impacts.

aravinth@ithr360.com