SOC Analyst L1
Full Job Description
We are seeking a Security Operations (SecOps) Analyst (L1) with 3-5 years of experience for our Gurgaon, Haryana, India location. This role requires immediate joining and involves rotational shifts (24x7, 5 on 2 off).
As part of Rackspace Cyber Defence, you will be instrumental in protecting our customers' on-premises, private cloud, public cloud, and multi-cloud environments against evolving cyber threats. Your primary responsibilities will include detecting, analyzing, and responding to security alerts, triaging incidents, and liaising with customer stakeholders.
Key Accountabilities:
- Ensure customer environments remain secure through timely threat detection and resolution.
- Analyze, handle, and escalate alerts from cloud-native SIEM platforms.
- Conduct preliminary investigations, act according to the knowledge base, and identify false positives.
- Follow SLA notification processes based on alert severity and create tickets in the customer's ITSM system.
- Update runbooks, playbooks, and knowledge base documents.
- Share SLA details for weekly and monthly reports.
- Provide data for use case creation, detection engineering, and threat detection tuning.
- Identify critical customer assets using technical tools and interviews.
- Utilize and enhance relevant technology tooling for security policy enforcement.
- Leverage threat intelligence platforms and OSINT to understand the latest threats and adversary TTPs.
- Automate security processes to enhance monitoring capabilities.
- Ensure vulnerabilities are resolved within agreed SLA times.
- Maintain strong working relationships with incident response, disaster recovery, and information security teams.
- Willingness to work in a 24/7 rotational shift environment.
Skills & Experience:
- 3-5 years of experience as a Security Operations Analyst/Engineer.
- Experience with large-scale public cloud environments and cloud-native security monitoring tools such as Microsoft Sentinel, Microsoft 365 Defender, Microsoft Defender for Cloud.
- Experience with Endpoint Detection & Response (EDR) tools (e.g., CrowdStrike, Microsoft Defender for Endpoint).
- Familiarity with firewalls and network security tools (e.g., Palo Alto, Fortinet, Juniper, Cisco).
- Experience with Web Application Firewall (WAF) tools (e.g., Cloudflare, Akamai, Azure WAF).
- Knowledge of Email Security tools (e.g., Proofpoint, Mimecast, Microsoft Defender for Office).
- Familiarity with Data Loss Prevention (DLP) tools (e.g., Microsoft Purview, McAfee, Symantec).
- Nice to have: GCP security tools (Chronicle, Security Command Center), AWS security tools (Security Hub, GuardDuty, Macie, Config, CloudTrail).
- Experience analyzing malware and email headers; skills in network security, intrusion detection/prevention systems, operating systems, risk and threat identification/analysis, and log analysis.
- Knowledge of security controls (network access, IAAM, IDS/IPS).
- Understanding of security standards like NIST, ISO 27001, CIS, OWASP, and CCM.
- Knowledge of scripting/coding (Terraform, Python, JavaScript, Go, Bash, PowerShell).
- Knowledge of DevOps practices (CI/CD, Azure DevOps, CircleCI, GitHub Actions, Ansible, Jenkins).
- A Computer Science, Engineering, or IT-related degree is preferred but not strictly required.
- Relevant certifications (e.g., CISSP, AZ-500, SC-200, CREST, SSCP, CCSP, GCIH, GSOC) are a plus.
- Highly self-motivated, proactive, detail-oriented, and a strong problem-solver with a passion for learning and growth in security operations, programming, and security architecture.
- Ability to prioritize, multitask, and work under pressure.
- A commitment to delivering exceptional customer experiences.
Join Rackspace Technology, a leader in multicloud solutions, and be part of a team that embraces technology, empowers customers, and shapes the future.
Company
Rackspace Technology
Rackspace Technology is a premier provider of end-to-end hybrid cloud and AI solutions, empowering businesses to design, build, and operate their cloud environments across all major technology platfor...