Emicron Techsolutions Pvt Ltd
Website: emicrontech.com
Job details:
About the Opportunity
We are a leading System Integrator and Managed Security Services provider, partnering with one of the region's most respected banking and financial services institutions to run their 24×7 Security Operations Centre. We are expanding our SOC team and are looking for an experienced Level 2 SOC Analyst to join us on this strategic engagement.
As an L2 analyst, you will be the escalation point for the L1 team — driving deeper investigations, leading incident response activities, and partnering with the client's senior security stakeholders. You will work hands-on with an enterprise-grade security stack (SIEM, EDR, DAM, IDS/IPS, micro-segmentation) in a regulated banking environment where the work genuinely matters.
This is an excellent opportunity to grow your career inside a structured managed services practice while gaining deep exposure to a Tier-1 BFSI security programme.
What You'll Do
Investigation & Incident Response
• Act as the primary escalation point for L1 analysts on confirmed or suspicious security incidents.
• Perform in-depth investigation, correlation, and root-cause analysis across SIEM, EDR, IDS/IPS, DAM, and endpoint protection platforms.
• Lead containment, eradication, and recovery activities in line with established SOPs and the client's incident response playbooks.
• Drive incident documentation, evidence preservation, timeline reconstruction, and post-incident reviews.
• Escalate complex or high-severity incidents to L3 / Incident Response specialists with a clear, evidence-backed handover.
Threat Detection & Use-Case Tuning
• Continuously review SIEM alerts, identify false-positive patterns, and recommend rule tuning to improve signal quality.
• Support development and refinement of detection use cases, correlation rules, and dashboards.
• Conduct proactive threat hunting based on threat intelligence, IOCs, and observed attack patterns.
• Stay current on emerging threats, TTPs, and MITRE ATT&CK techniques relevant to the BFSI sector.
Security Tool Operations
• Operate and monitor an enterprise security stack including SIEM, EDR, IDS/IPS, Database Activity Monitoring, antivirus, and micro-segmentation platforms.
• Validate dashboard health, log source integrations, and agent coverage; troubleshoot gaps with platform owners.
• Coordinate with OEM / vendor support and the client's engineering teams for tool-related issues.
Mentoring, Reporting & Governance
• Mentor and guide L1 analysts on triage quality, investigation depth, and escalation discipline.
• Prepare daily, weekly, and monthly SOC reports, dashboards, and incident metrics for client stakeholders.
• Support internal, external, and regulatory audit submissions, including evidence packs and control walk-throughs.
• Adhere to and uphold the client's cybersecurity policies, standards, and regulatory requirements applicable to the banking sector.
• Participate in security awareness initiatives, tabletop exercises, and operational drills.
What We're Looking For
Must-Have
• 3–6 years of hands-on SOC experience, with at least 1–2 years operating as an L2 analyst or equivalent.
• Strong investigation skills across SIEM platforms (QRadar, Splunk, Sentinel, ArcSight, or similar).
• Hands-on experience with EDR platforms (Cybereason, CrowdStrike, SentinelOne, Defender for Endpoint, or similar).
• Working knowledge of IDS/IPS, antivirus / endpoint protection, Database Activity Monitoring, and network segmentation tooling.
• Solid understanding of Windows and Linux internals, log analysis, and core networking protocols.
• Familiarity with the MITRE ATT&CK framework, cyber kill chain, and modern attacker TTPs.
• Sound understanding of incident response lifecycle, SOPs, and chain-of-custody / evidence handling.
• Ability to work in a 24×7 rotational shift environment, including nights and weekends.
Nice to Have
• Prior experience supporting a BFSI / banking client or working in a regulated environment.
• Exposure to managed security services (MSSP) delivery models and SLA-driven operations.
• Basic scripting skills (Python, PowerShell, or KQL/SPL) for investigation and automation.
• Awareness of cloud security monitoring (AWS / Azure / GCP).
Education
• Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field — or equivalent practical experience.
Preferred Certifications
• CompTIA CySA+ / Security+
• CEH (Certified Ethical Hacker)
• Cisco CyberOps Associate / Professional
• GIAC GCIA / GCIH (advantage)
• Vendor certifications on the operated SIEM or EDR platform
Core Strengths
• Strong analytical, problem-solving, and decision-making skills under pressure.
• Excellent written and verbal communication — comfortable presenting findings to senior client stakeholders.
• Disciplined, detail-oriented, and ownership-driven.
• Collaborative team player able to mentor juniors and partner with engineering, IR, and audit teams.
Why Join Us
• Deploy on a flagship, long-term BFSI SOC engagement with high visibility and strong technical depth.
• Hands-on exposure to a best-in-class enterprise security stack.
• Structured career progression — L2 → L3 / Threat Hunting / Incident Response / SOC Lead — within our managed services practice.
• Certification sponsorship and continuous learning support.
• Competitive compensation, shift allowances, and benefits aligned with industry best practice.