
Rackspace Technology - L3 Security Operations Center Analyst - Sentinel

TriCore Solutions Private Limited
Multiple Locations
9 - 15 Years

Posted on: 15/07/2025

Job Description

SOC Analyst L3 (Sentinel is a must)


About Rackspace Cyber Defence :


Rackspace Cyber Defence is our next-generation cyber defence and security operations capability that builds on 20+ years of securing customer environments to deliver proactive, risk-based, threat-informed and intelligence-driven security services.

Our purpose is to enable our customers to defend against the evolving threat landscape across on-premises, private cloud, public cloud and multi-cloud workloads.

Our goal is to go beyond traditional security controls to deliver cloud-native, DevOps-centric and fully integrated 24x7x365 cyber defence capabilities that deliver a proactive, threat-informed, risk-based, intelligence-driven approach to detecting and responding to threats.

Our mission is to help our customers :


- Proactively detect and respond to cyber-attacks 24x7x365.

- Defend against new and emerging risks that impact their business.

- Reduce their attack surface across private cloud, hybrid cloud, public cloud, and multi-cloud environments.

- Reduce their exposure to risks that impact their identity and brand.

- Develop operational resilience.

- Maintain compliance with legal, regulatory and compliance obligations.



What we're looking for :


- To support our continued success and deliver a Fanatical Experience to our customers, Rackspace Cyber Defence is looking for an India-based Security Operations Analyst (L3) to support Rackspace's strategic customers.


- This role is particularly well-suited to a self-starting, experienced and motivated Sr. Sec Ops Analyst, who has a proven record of accomplishment in the cloud security monitoring and incident detection domain.

- As a Security Operations Analyst (L3), you will be responsible for detecting, analysing, and responding to threats posed across customer on-premises, private cloud, public cloud, and multi-cloud environments.

- The primary focus will be on triaging alerts and events (incident detection), which may indicate malicious activity, and determining if threats are real or not.

- You will also be required to liaise closely with the customer's key stakeholders, which may include incident response and disaster recovery teams as well as information security.



Key Accountabilities :


- Should have 10 years' experience in SOC and 5 years in Azure Sentinel.


- Ensure the Customer's operational and production environment remains secure at all times and that any threats are raised and addressed in a timely manner.

- Critical incident handling & closure.

- Escalation management and handling escalations from L2 Analysts.

- Proactive discovery of threats based on MITRE ATT&CK framework.

- Deep investigation and analysis of critical security incidents.

- Post breach forensic incident analysis reporting.

- Review the weekly and monthly reports.

- Review new use cases created by L2 and implement in cloud-native SIEM (Security Information and Event Management).

- Assist with customer onboarding (such as use case development, identifying data sources, configuring data connectors etc.).


- Advanced threat hunting.

- Develop custom dashboards and reporting templates.

- Develop complex, customer-specific use cases.

- Advanced platform administration.

- Solution recommendation for issues.

- Co-ordinate with vendor for issue resolution.

- Basic and intermediate playbook and workflow enhancement.

- Maintain close working relationships with relevant teams and individual key stakeholders, such as incident response and disaster recovery teams as well as information security etc.


- Develop custom parsers for incident and alert enrichment.

- Problem-specific playbook and workflow creation and enhancements.

- Required to work flexible timings.



Skills & Experience :


- Existing experience as a Security Operations Analyst, or equivalent.


- Experience of working in large-scale, public cloud environments and with using cloud-native security monitoring tools such as:

    • Microsoft 365 Defender
    • Microsoft Defender for Cloud
    • Endpoint Detection & Response (EDR) tools such as CrowdStrike, Microsoft Defender for Endpoint.
    • Firewalls and network security tools such as Palo Alto, Fortinet, Juniper, and Cisco.
    • Web Application Firewall (WAF) tools such as Cloudflare, Akamai and Azure WAF.
    • Email Security tools such as Proofpoint, Mimecast and Microsoft Defender for Office.
    • Data Loss Prevention (DLP) tools such as Microsoft Purview, McAfee and Symantec.



Nice to have skills/experience includes :


- Google Cloud Platform (GCP) security tools such as Chronicle and Security Command Centre.

- Amazon Web Services (AWS) security tools such as Security Hub, AWS GuardDuty, AWS Macie, AWS Config and AWS CloudTrail.

- Experience of analysing malware and email headers, with skills in network security; intrusion detection and prevention systems; operating systems; risk identification and analysis; threat identification and analysis; and log analysis.

- Experience of security controls, such as network access controls; identity, authentication, and access management controls (IAAM); and intrusion detection and prevention controls.

- Knowledge of security standards (good practice) such as NIST, ISO 27001, CIS (Center for Internet Security), OWASP and Cloud Controls Matrix (CCM) etc.

- Experience with scripting and coding with languages such as Terraform, Python, JavaScript, Go, Bash and/or PowerShell.

- Experience with DevOps practices and tools such as Backlogs, Repos, Pipelines, Artifacts, CI/CD, JIRA, Azure DevOps, CircleCI, GitHub Actions, Ansible and/or Jenkins.

- Computer science, engineering, or information technology related degree (although not a strict requirement).

- Holds one, or more, of the following certificates (or equivalent) :

    • Certified Information Systems Security Professional (CISSP)
    • Microsoft Certified: Azure Security Engineer Associate (AZ-500)
    • Microsoft Certified: Security Operations Analyst Associate (SC-200)
    • CREST Practitioner Intrusion Analyst (CPIA)
    • CREST Registered Intrusion Analyst (CRIA)
    • CREST Certified Network Intrusion Analyst (CCNIA)
    • Systems Security Certified Practitioner (SSCP)
    • Certified Cloud Security Professional (CCSP)
    • GIAC Certified Incident Handler (GCIH)
    • GIAC Security Operations Certified (GSOC)

A highly self-motivated and proactive individual who wants to learn and grow and has attention to detail. A great analyser, troubleshooter and problem solver who understands security operations, programming languages and security architecture. Highly organised and detail-oriented, with the ability to prioritise, multitask and work under pressure.

An individual who shows a willingness to go above and beyond in delighting the customer.

