Technology & Engineering Full-time

SOC Analyst (L2)

Protera

Location

Remote

Type

Full-time

Posted

Oct 28, 2025

Mission

What you will drive

The SOC Analyst is responsible for maintaining the organization's cybersecurity posture through continuous monitoring, detection, and incident response. Using advanced technologies such as Endpoint Detection and Response (EDR), Security Information and Event Management (SIEM), Network Detection and Response (NDR), File Integrity Monitoring (FIM), and Next-Gen Antivirus (NGAV), the analyst identifies and mitigates security threats in real time. This role also contributes to the design and development of automated playbooks using Security Orchestration, Automation, and Response (SOAR) platforms to streamline response workflows and improve SOC efficiency. The analyst collaborates across teams to strengthen detection logic, enhance processes, and ensure proactive defense against evolving cyber threats.

Key responsibilities include:

  • Monitor and analyze security alerts from SIEM, EDR, NDR, FIM, and Antivirus platforms to detect potential threats
  • Execute incident response lifecycle activities including triage, containment, eradication, and recovery following NIST standards
  • Develop, maintain, and enhance incident response playbooks and runbooks to ensure standardized handling of recurring alerts and use cases
  • Conduct regular vulnerability assessments and coordinate with IT teams for timely remediation
  • Manage and optimize EDR, SIEM, SOAR, FIM, NDR, and Antivirus tools to ensure operational readiness
  • Generate detailed reports and dashboards highlighting incident metrics, trends, and SOC performance

Impact

The difference you'll make

This role creates positive change by protecting SAP-centric organizations from cyber threats, ensuring their IT systems remain secure and operational, which enables businesses to focus on growth and innovation without security disruptions.

Profile

What makes you a great fit

Required skills and qualifications:

  • 4+ years in SOC operations, cybersecurity, or incident response
  • Strong knowledge of EDR, SIEM, SOAR, NDR, FIM, and Antivirus/NGAV platforms
  • Experience in writing playbooks, automating responses, and tuning detection logic
  • Familiarity with incident handling frameworks, threat hunting, and digital forensics
  • Knowledge of MITRE ATT&CK, Cyber Kill Chain, NIST IR, ISO 27001 frameworks
  • Strong communication and documentation skills for both technical and executive audiences
  • Ability to work effectively in high-pressure, time-sensitive environments while maintaining precision and accuracy

Preferred qualifications:

  • Certifications: CompTIA Security+, CySA+, CEH, Microsoft SC-200, or equivalent
  • Tools exposure: Splunk, Microsoft Sentinel, QRadar, Elastic, CrowdStrike Falcon, Defender for Endpoint, SentinelOne, Darktrace, Corelight, Tripwire, Qualys FIM, Trellix/McAfee, Sophos, Bitdefender, Cortex XSOAR, Splunk SOAR, Microsoft Sentinel Automation

Benefits

What's in it for you

  • Work from Home set-up
  • Comprehensive medical benefits
  • Gratuity, PF, EPS, NPS, and bonus
  • Shift allowances
  • On-call allowance
  • Health and wellness allowances
  • Learning and development allowances
  • No-questions-asked certification policy
  • Certification bounty bonus

About

Inside Protera

Protera Technologies reimagines how SAP-centric organizations work in the cloud. Since 1998 it has brought SAP and related applications to cloud platforms such as Microsoft Azure and AWS, with a mission to make IT smoother, faster, and more enjoyable for clients while empowering them with the best tools and technology to drive growth.