
Job Description

Description :

Location : Mumbai, India

Experience : 5+ Years

Mode of Work : 5 Days Office (Full-time On-site)

Reporting To : SOC Manager / Security Operations Lead

About the Role :

We are seeking an experienced and dedicated L2 Security Operations Center (SOC) Analyst to join our team in Mumbai.

This is a full-time, 5-day on-site position. The ideal candidate will have a minimum of 5 years of experience in a SOC environment, with at least 2 years operating specifically at the L2 level.

You will be responsible for advanced threat detection, in-depth security incident analysis, and effective response across our enterprise.

Your expertise with SIEM and EDR platforms will be critical in maintaining the security posture of the organization.

Key Responsibilities :

Incident Detection and Analysis :

- Perform in-depth analysis and investigation of security events escalated from L1 analysts or automatically triggered by security tools.

- Identify, triage, and prioritize complex security incidents using data from SIEM (QRadar), EDR, network logs, and other security telemetry.

- Conduct log correlation and data enrichment to determine the scope, root cause, and impact of security incidents.

Incident Response (IR) :

- Execute defined Incident Response (IR) procedures to contain, eradicate, and recover from security incidents (e.g., malware outbreaks, unauthorized access, data exfiltration).

- Coordinate and communicate with cross-functional IT teams during critical incidents.

- Document detailed post-incident reports, timelines, and lessons learned.

Threat Hunting and Monitoring :

- Proactively perform threat hunting within the network and endpoints to identify subtle or persistent threats that bypass standard security controls.

- Develop and refine custom correlation rules, alerts, and dashboards within QRadar SIEM to improve detection capabilities.

Tool Management and Expertise :

- Expertly operate and maintain security tools, including the SIEM platform (QRadar).

- Utilize EDR tools such as CrowdStrike or Microsoft Defender for forensic analysis, host-based threat investigation, and remote response actions.

Process Improvement and Mentorship :

- Contribute to the continuous improvement of SOC procedures, playbooks, and runbooks.

- Act as a technical escalation point and mentor for L1 SOC Analysts.

Required Qualifications and Experience :

Experience :

- Minimum 5 years of professional experience working in a Security Operations Center (SOC) environment.

- Minimum 2 years of experience specifically operating as an L2 SOC Analyst or similar advanced role.

Technical Skills :

- Expert-level experience with SIEM tools, specifically IBM QRadar. This includes rule creation, dashboard development, log source integration, and advanced query writing.

- Hands-on experience with an EDR (Endpoint Detection and Response) solution such as CrowdStrike or Microsoft Defender.

- Proven experience executing all phases of the Incident Response lifecycle.

Educational Qualification (Mandatory) :

- B.Tech in Computer Science (CS) / B.E. in Computer Science (CS) OR Master of Computer Applications (MCA).
