Cantellat Solutions
1h ago
LinkedIn

SOC Analyst / Threat Hunter

Hyderabad, Telangana, India
Full Time
Mid Level


Full Job Description

About the Job

Cantellat Solutions is seeking a skilled SOC Analyst / Threat Hunter (L2) to join our team in Hyderabad, Telangana, India. This is a full-time, onsite position focused on bolstering our security operations across both on-premise and AWS environments. The role is crucial for investigating alerts, proactively hunting for threats, supporting incident response, and enhancing our detection capabilities to ensure the security and reliability of our platform.

Key Responsibilities

  • Triage and investigate alerts originating from SIEM, EDR, NDR, and CSPM tools.
  • Correlate logs from various sources including endpoints, networks, and AWS cloud services.
  • Conduct in-depth investigations into IAM misuse, unusual API calls, privilege escalation attempts, and exposed storage vulnerabilities.
  • Support containment strategies, including isolating workloads, revoking compromised keys, and suspending suspect IAM users.
  • Perform root cause analysis for both cloud and on-premise security incidents.
  • Validate and ensure comprehensive security tool coverage (CSPM/CIEM) across all environments.
  • Contribute to post-incident reviews and maintain updated incident response playbooks.
  • Execute proactive threat hunting exercises across cloud and on-premise logs.
  • Apply MITRE ATT&CK (Cloud) techniques to identify and understand threat behaviors.
  • Improve and fine-tune existing detection rules and monitoring logic.
  • Identify and recommend opportunities for automation within incident response workflows.

Required Qualifications

  • Possess 2-4 years of experience in a Security Operations Center (SOC), Incident Response (IR), or security monitoring role.
  • Demonstrate hands-on experience with log analysis and investigation within cloud platforms, specifically AWS (utilizing CloudWatch, CloudTrail, GuardDuty).
  • Maintain a solid understanding of attacker Tactics, Techniques, and Procedures (TTPs) in cloud environments, including exposed credentials, over-permissioned roles, container abuse, and cloud lateral movement.
  • Exhibit proficiency with SIEM/EDR platforms and standard investigation workflows.
  • Possess basic scripting or automation knowledge (e.g., Python, PowerShell, Boto3).
  • Have familiarity with cloud-native security tools, such as AWS Config.
  • Hold certifications such as CySA+ or AWS Security Specialty (desirable).

Company

Cantellat Solutions

Hyderabad, Telangana, India
Posted on LinkedIn