SOC Analyst - Kroll - Bengaluru / Bangalore, India
Join Kroll's Security Operations Centre (SOC) team in Bengaluru or Mumbai, India, as a dedicated SOC Analyst. Reporting to the SOC Manager, you will be an integral part of a client-dedicated, 16x5 engagement focused on monitoring, analyzing, and resolving security-related tickets. This role is vital for the swift triage and resolution of security incidents, upholding the client's security standards, and contributing to the continual improvement of detection and response capabilities.
Key Responsibilities
- Perform thorough analysis, investigation, and resolution of security tickets generated by client monitoring systems and service desk workflows.
- Triage and categorize security alerts based on severity, potential impact, and relevance to the client's specific threat landscape.
- Maintain precise and detailed documentation of all investigations, actions taken, and incident resolution outcomes within the client's ticketing system.
- Collaborate effectively with the client's internal teams, including infrastructure, application, and compliance departments, to facilitate coordinated incident response.
- Execute and contribute to the refinement of client-specific response playbooks and Standard Operating Procedures (SOPs).
- Ensure clear and comprehensive handover documentation between shifts to maintain operational continuity.
Required Skills & Qualifications
- 1-3 years of experience in a Security Operations Centre (SOC) or broader cybersecurity operations role.
- Proficiency with SIEM platforms such as Microsoft Sentinel or LogRhythm, ticketing systems like ServiceNow or X-current, and endpoint protection tools including Microsoft Defender or SentinelOne.
- Demonstrated experience in supporting and resolving common SOC playbook scenarios, such as phishing email investigations, Windows/Linux malware incidents, and Microsoft 365/Entra ID account compromises.
- Strong analytical skills and keen attention to detail when reviewing logs, alerts, and incident data.
- Solid understanding of cybersecurity frameworks like MITRE ATT&CK and NIST.
- Excellent written and verbal communication skills, essential for clear incident documentation and stakeholder collaboration.
- Bachelor's degree in Computer Science, Information Security, or a closely related field.
Preferred Certifications
- Relevant certifications such as CompTIA Security+, CEH, or Microsoft SC-200 are advantageous.
- ITIL Foundation certification is beneficial for understanding ticketing and service management workflows.
Working Hours
- Rotational shifts within a 16x5 schedule, operating Monday through Friday.
- Participation in an after-hours and weekend on-call rotation.
- Flexibility to support critical incidents outside of standard working hours when necessary.
Job Type: Permanent