What is the salary for this Soc Analyst L2 position?

Salary information for this Soc Analyst L2 position is available upon application.

What experience is required for this Soc Analyst L2 role?

This Soc Analyst L2 position requires mid_level of experience.

Where is this Soc Analyst L2 job located?

This Soc Analyst L2 position is located in Hybrid - Bengaluru, Chennai.

How do I apply for this Soc Analyst L2 position at CGI?

You can apply for this Soc Analyst L2 position by clicking the 'Apply Now' button on this page, which will direct you to the official application portal.

CGI•18d ago

Naukri

Soc Analyst L2

Hybrid - Bengaluru, Chennai

Full Time

Mid Level

Auto Apply to 50+ AI Matched Soc Analyst L2 Jobs

Use Auto Apply Agents to Bulk Apply jobs with ATS Optimised Resumes, find verified Insider Connections for jobs at CGI

Full Job Description

Role Summary: We are seeking a proficient Level 2 Security Operations Center (SOC) Analyst to conduct advanced security monitoring, sophisticated threat investigations, and decisive incident response across diverse enterprise environments. This role demands extensive hands-on expertise with Microsoft Defender, Microsoft Sentinel, and Splunk, coupled with a strong capability in phishing investigations and established incident response methodologies.

Key Responsibilities:

Conduct in-depth analysis and triage of security alerts escalated from L1 SOC analysts.
Investigate security incidents across endpoints, email, network, and cloud platforms.
Monitor and respond to incidents utilizing Microsoft Sentinel, including KQL querying and detection rule tuning.
Analyze threats using Microsoft Defender suite (Defender for Endpoint, Office 365, and Cloud).
Perform phishing investigations leveraging tools such as Cofense and Proofpoint.
Analyze and correlate logs using Splunk to identify anomalous activities.
Validate alerts, determine root causes, and propose effective remediation strategies.
Manage incident escalations to L3 teams and collaborate effectively with infrastructure and Incident Response (IR) teams.
Support containment, eradication, and recovery efforts during security incidents.
Develop and maintain comprehensive incident reports, Standard Operating Procedures (SOPs), and security playbooks.
Contribute to use-case tuning, dashboard enhancements, and the reduction of false positives.
Participate in proactive threat hunting and continuous improvement initiatives.

Required Skills:

2–4 years of experience in SOC Operations or Cybersecurity Monitoring.
Strong hands-on experience with Microsoft Defender, Microsoft Sentinel (KQL), and Splunk (Log Analysis).
Proficiency in Phishing Investigation Tools (Cofense / Proofpoint).
Solid understanding of the MITRE ATT&CK Framework, Incident Response Lifecycle, and common attack vectors including malware, ransomware, phishing, and identity-based attacks.
Excellent analytical, troubleshooting, and documentation skills.

Good-to-Have Skills:

Experience with Threat Hunting and Security Use-Case Development.
Exposure to Azure Security and Security Orchestration, Automation, and Response (SOAR) tools.
Experience with SPL (Splunk Query Language).
Knowledge of automation and security orchestration concepts.

Preferred Certifications:

Microsoft SC-200 – Security Operations Analyst
Splunk Core Certified Power User / Enterprise Security
GIAC (GCIA, GCIH)
CEH / CySA+

Company

CGI

Hybrid - Bengaluru, Chennai

Posted on Naukri