SOC Engineer L3

SOC Engineer L3 Job Responsibilities: - Annual compensation of 12 lakhs - Remote working

Candidate with about 5 to 6 years of experience and is a Level 2 engineer and can be considered for entry L3 now.

A Level 3 SOC Engineer is usually considered a slightly senior position, focusing on the most complex security challenges, strategy development, and leadership within the SOC team. Here are the combined responsibilities:

1. SIEM and Network Security Administration: Implement and administer the Security Information and Event Management (SIEM) system, network security hardware, and software. Identify system vulnerabilities and develop strategies to mitigate them.
2. Vulnerability Mitigation and Documentation: Develop solutions to address identified vulnerabilities. Create and maintain standard operating procedures and protocols to ensure consistent and secure operations.
3. Device Onboarding and Log Management: Handle device onboarding and manage logs effectively by developing and maintaining log parsers to ensure comprehensive monitoring.
4. SIEM Maintenance and Troubleshooting: Provide installation, maintenance, upgrades, and troubleshooting for the SIEM solution and its components across all functional departments.
5. Flexibility in Duties: Take on varied responsibilities, including covering for absences or balancing workload, which may involve working in different areas of the SOC.
6. Cloud and Network Security Monitoring: Detect and respond to malicious activities on cloud systems, SaaS, workstations, servers, and networks, ensuring comprehensive security coverage.
7. Threat Detection Optimization: Optimize threat detection tools for DLP, SIEM, EDR, antivirus, cloud security, and intrusion detection systems, among other technologies, to enhance security posture.
8. Event Analysis and Escalation Response: Review and respond to escalated security events, ensuring timely and effective incident resolution.
9. Proactive Threat Hunting: Engage in proactive threat hunting to identify and mitigate potential threats before they impact the environment.
10. Signature Development and System Tuning: Write detection signatures, tune systems and tools, develop automation scripts, and create correlation rules to improve detection and response capabilities.
11. Adversary TTP Knowledge: Maintain up-to-date knowledge of adversary tactics, techniques, and procedures to anticipate and counteract potential threats.
12. Forensic Analysis: Conduct in-depth forensic analysis on affected systems and coordinate with third-party resources as needed for advanced investigations.
13. Communication and Reporting: Provide timely and relevant updates to stakeholders and decision-makers, ensuring they are informed of current security postures and incident impacts.

[email protected]

Originally posted on Himalayas