Responsibilities: + Act as the primary point of contact for incident escalations from Tier 1/2 analysts. + Act as technical contributor during major security incidents contributing to improvement in the team’s capability. + Lead the investigation and response to security incidents, leveraging advanced technical skills and threat intelligence. + Triage security alerts, perform in-depth analysis to determine root cause and impact, and develop effective containment and remediation strategies. + Develop and execute incident response plans, ensuring proper communication and documentation throughout the incident lifecycle. + Work in a ‘business hours + rostered on-call’ environment + Utilize SIEM (Security Information and Event Management) and other security tools to identify and analyze potential threats. + Develop and fine-tune security rules and correlation logic to improve threat detection capabilities. + Maintain detailed documentation of security incidents, investigations, and response actions. Requirements: + 5-7 years of experience in a SOC or security analyst role. + Proven track record of successfully identifying, analyzing, and responding to security incidents. + Strong background in formulation and execution of threat hunt scenarios and the development of subsequent use cases to uplift detection capability. + Experience working on any of the scripting languages such as Python etc. + Relevant industry certifications such as GIAC Certified Incident Handler (GCIH), Certified Information Systems Security Professional (CISSP), or CompTIA Security or Vendor certs are highly desirable. + In-depth knowledge of Sentinel, Splunk, CrowdStrike, Securonix, LogRhythm, Rapid7 MS Defender, other Threat centric tools, IDS/IPS, email security, vulnerability scanners and other security technologies. + Detection and mitigation strategies for a broad range of cyber threats, including malware, DDOS, hacking, phishing, lateral movement and data exfiltration.