SOC Analyst III

As a Senior Security Operations Center (SOC) Analyst in Noida, Uttar Pradesh, India, you will be instrumental in fortifying Zinnia’s security infrastructure. You will operate at the forefront of our defense mechanisms, diligently analyzing security alerts, conducting thorough investigations into potential threats, and spearheading incident response initiatives. Your specialized knowledge will ensure effective triage, containment, and remediation of security incidents, while minimizing any disruption to business operations. You will also contribute significantly to the ongoing enhancement of our detection and response capabilities by developing and optimizing custom correlation rules, performing routine health assessments of SOC tools, and identifying opportunities for increased automation and efficiency. Beyond daily operations, you will actively engage in proactive threat hunting and leverage threat intelligence to detect and mitigate emerging risks before they can impact the organization. Furthermore, you will provide mentorship and guidance to other team members, cultivating an environment of learning, collaboration, and continuous improvement within the SOC. This role requires working in 24x7 rotational shifts and may involve weekend on-call support.

Key Responsibilities:

• Monitor, analyze, and respond to security alerts and incidents from diverse sources across the organization’s IT infrastructure.
• Triage and prioritize security alerts based on their assessed risk, relevance, and potential business impact to focus efforts on high-priority threats.
• Lead incident investigation and response activities, coordinating effectively with relevant internal teams to implement corrective actions and long-term remediation strategies.
• Develop, refine, and tune custom correlation logic and detection content to improve threat visibility and reduce the number of false positives.
• Conduct proactive threat hunting to identify unusual patterns, behaviors, or anomalies that may bypass traditional security detection methods.
• Perform regular health checks and maintenance of SOC tools and their integrations to ensure uninterrupted data flow and consistent operational readiness.
• Meticulously document and maintain investigation records, incident timelines, and post-incident reports to ensure transparency and facilitate knowledge sharing for lessons learned.
• Collaborate with other cybersecurity and IT teams to enhance detection coverage, refine incident response playbooks, and optimize automation workflows.
• Mentor and support fellow SOC team members by providing technical guidance, quality assurance, and on-the-job training.
• Stay abreast of the latest emerging threats, attacker methodologies, and defensive best practices to continuously strengthen the SOC’s capabilities.
• Develop, update, and maintain SOC Standard Operating Procedures (SOPs) and incident response playbooks to ensure standardized and effective handling of security events.

Required Qualifications:

• A minimum of 4-6 years of experience in the security operations domain.
• Strong practical experience in security monitoring, alert triage, incident investigation, and response within a SOC environment.
• Demonstrated ability to analyze and respond to complex security incidents, perform root cause analysis, and drive containment and remediation efforts.
• Proficiency with Endpoint Detection and Response (EDR), Network Detection and Response (NDR), Security Orchestration, Automation, and Response (SOAR) platforms, and threat intelligence platforms, including their integration into SOC workflows.
• Experience in conducting proactive threat hunting utilizing threat intelligence, behavioral analytics, and anomaly detection techniques.
• Proven expertise in designing and optimizing customized correlation rules, detection logic, and analytical reports to identify advanced threats, minimize false positives, and improve SOC efficiency.
• Familiarity with security frameworks and standards such as MITRE ATT&CK, NIST, and ISO 27001, and their practical application in detection and response scenarios.
• A foundational understanding of cloud platforms, with practical experience operating within cloud environments and performing cloud-focused SOC investigations.
• A clear understanding of network protocols, operating systems (Windows, Linux), and common attack vectors.
• Knowledge of malware analysis, phishing investigations, and vulnerability management processes.
• A strong willingness to learn, experiment, and collaborate effectively across different teams.

Nice to Have:

• Hands-on experience with Extended Detection and Response (XDR) and EDR solutions.
• Exposure to automation and orchestration within the SOC environment, including SOAR platforms, scripting, and workflow automation.
• Basic experience integrating security devices with SOC tools and developing custom parsers.
• Knowledge of compliance and regulatory frameworks such as ISO 27001, NIST, GDPR, and HIPAA.
• Relevant certifications like Certified SOC Analyst (CSA), CySA+, Certified Ethical Hacker (CEH), or specific SOC vendor certifications.