Senior SOC Analyst
Experience Level: Senior Level
Full Job Description
Join Freshworks as a Senior SOC Analyst (AI Analyst & Automation Engineer) in Chennai, India. This pivotal role requires a hybrid expert in cybersecurity operations and AI engineering to lead the development, customization, and operationalization of AI-powered SOC automation systems. You will be instrumental in bridging frontline SOC operations with advanced AI/ML capabilities to enhance threat detection, alert triage, and incident response automation using tools like Intezer and Cortex XSOAR, as well as custom AI pipelines. This position is key to both defending our organization and building intelligent systems that scale our security defenses.
SOC & Threat Detection (Analyst Responsibilities):
- Monitor and triage security alerts utilizing AI-assisted tooling.
- Analyze, investigate, and escalate security incidents using threat intelligence and log data.
- Provide comprehensive threat context, root cause analysis, and actionable response recommendations.
- Fine-tune detection rules, establish behavioral baselines, and refine IOC correlations.
- Serve as a Subject Matter Expert (SME) for SOC use cases and automation requirements.
AI Engineering & Automation:
- Design and maintain machine learning models for anomaly detection, classification, and alert triage.
- Develop and implement automation workflows using Security Orchestration, Automation, and Response (SOAR) platforms, such as Cortex XSOAR.
- Integrate AI models with key SOC data sources including SIEM, EDR, and Threat Intelligence Platforms (TIP).
- Establish feedback loops leveraging SOC analyst input and incident data to continuously improve AI models.
- Enhance alert enrichment capabilities to effectively reduce false positives and negatives.
Collaboration & Strategy:
- Collaborate closely with threat intelligence and incident response teams.
- Drive innovation within SOC tooling through the strategic application of automation and AI.
- Maintain thorough documentation, ensure model explainability, and support audit readiness.
- Proactively stay ahead of evolving adversarial threats and the potential misuse of AI in cyber contexts.
Qualifications:
Must-Have:
- A minimum of 3 years of experience in a SOC Analyst, Incident Responder, or Threat Hunter role.
- At least 2 years of experience developing or applying AI/ML within a cybersecurity or security automation context.
- Proficiency in Python and core ML libraries (e.g., Scikit-learn, PyTorch, TensorFlow).
- Hands-on experience with SIEM solutions (e.g., Splunk, Sentinel, QRadar), SOAR platforms (e.g., XSOAR, TheHive), and EDR solutions (e.g., CrowdStrike, Defender).
- A strong understanding of the MITRE ATT&CK framework, threat detection methodologies, and common attack vectors.
- Familiarity with APIs, REST, JSON, and the integration of diverse security platforms.
Nice-to-Have:
- Experience with malware classification, threat intelligence enrichment, or sandbox analysis tools (e.g., Intezer, VirusTotal).
- Knowledge of adversarial ML, model hardening techniques, or explainable AI within a SOC environment.
- Experience with cloud-native security monitoring across AWS, GCP, or Azure.
- Familiarity with MLOps principles, data pipelines, or production model deployment.
Company
Freshworks
Freshworks is a global leader in simplifying complex business software. We empower organizations to enhance customer and employee experiences, driving growth through intuitive, enterprise-grade soluti...