SOC Analyst L2

2 Months ago • 5-10 Years • Cyber Security

Job Summary

Job Description

The SOC Analyst L2 role at Rackspace Cyber Defence involves detecting, analyzing, and responding to threats across customer environments (on-premises, private, public, and multi-cloud). Responsibilities include triaging alerts, determining threat validity, liaising with stakeholders, incident handling, threat hunting, developing dashboards and reports, creating use cases, and assisting with customer onboarding. This requires experience with Microsoft Sentinel, cloud security monitoring tools, and various security technologies. Advanced threat hunting, incident analysis reporting, and playbook enhancements are also key aspects of the role. The position demands a proactive, self-starting individual with strong analytical and communication skills.
Must have:
  • 5-10 years SOC experience
  • Microsoft Sentinel expertise
  • Incident detection and response
  • Threat hunting and analysis
  • Cloud security monitoring
  • Stakeholder communication
Good to have:
  • Experience with GCP and AWS security tools
  • Scripting/coding skills (Python, etc.)
  • DevOps experience
  • Relevant security certifications

Job Details

Role Name
SecOps Analyst L2

Experience - 5-10years
Sentinel Experience is a plus

Work Pattern
Rotational Shift (24x7, 5 on 2 off)

About Rackspace Cyber Defence
Rackspace Cyber Defence is our next generation cyber defence and security operations capability that builds on 20+ years of securing customer environments to deliver proactive, risk-based, threat-informed and intelligence driven security services.
Our purpose is to enable our customers to defend against the evolving threat landscape across on-premises, private cloud, public cloud and multi-cloud workloads.
Our goal is to go beyond traditional security controls to deliver cloud-native, DevOps-centric and fully integrated 24x7x365 cyber defence capabilities that deliver a proactive, threat-informed, risk-based, intelligence-driven approach to detecting and responding to threats.
Our mission is to help our customers:
·       Proactively detect and respond to cyber-attacks – 24x7x365.
·       Defend against new and emerging risks that impact their business.
·       Reduce their attack surface across private cloud, hybrid cloud, public cloud, and multi-cloud environments.
·       Reduce their exposure to risks that impact their identity and brand.
·       Develop operational resilience.
·       Maintain compliance with legal, regulatory and compliance obligations.
 
What we’re looking for
To support our continued success and deliver a Fanatical Experience™ to our customers, Rackspace Cyber Defence is looking for an Indian based Security Operations Analyst (L3) to support Rackspace’s strategic customers.
This role is particularly well-suited to a self-starting, experienced and motivated Sr. Sec Ops Analyst, who has a proven record of accomplishment in the cloud security monitoring and incident detection domain.
As a Security Operations Analyst(L3), you will be responsible for detecting, analyzing, and responding to threats posed across customer on-premises, private cloud, public cloud, and multi-cloud environments.
The primary focus will be on triaging alerts and events (incident detection), which may indicate malicious activity, and determining if threats are real or not.
You will also be required to liaise closely with the customer’s key stakeholders, which may include incident response and disaster recovery teams as well as information security.

Key Accountabilities
Should have experience of 5 years in SOC.
Ensure the Customer’s operational and production environment remains secure at all the times and any threats are raised and addressed in a timely manner.
Critical incident handling & closure.
Escalation management and handling escalations from L1 Analysts.
Proactive discovery of threats based on MITRE ATT&CK framework.
Deep investigation and analysis of critical security incidents.
Post breach forensic incident analysis reporting.
Review the weekly and monthly reports.
Review new use cases created by L2 and implement in cloud-native SIEM (Security Information and Event Management).
Assist with customer onboarding (such as use case development, identifying data sources, configuring data connectors etc)
Advanced threat hunting.
Develop custom dashboards and reporting templates.
Develop complex to customer specific use cases.
Advanced platform administration.
Solution recommendation for issues.
Co-ordinate with vendor for issue resolution.
Basic and intermediate playbook and workflow enhancement.
Maintain close working relationships with relevant teams and individual key stakeholders, such as incident response and disaster recovery teams as well as information security etc.
Develop the custom parsers for the incident and alert enrichment.
Problem specific playbook and workflow creation and enhancements
Required to work flexible timings.
 
Skills & Experience
·       Existing experience as a Security Operations Analyst, or equivalent.
·       Experience of working in large scale, public cloud environments and with using cloud native security monitoring tools such as: -
o   Microsoft Sentinel
o   Microsoft 365 Defender
o   Microsoft Defender for Cloud
o   Endpoint Detection & Response (EDR) tools such as Crowdstrike, Microsoft Defender for Endpoint.
o   Firewalls and network security tools such as Palo Alto, Fortinet, Juniper, and Cisco.
o   Web Application Firewall (WAF) tools such as Cloudflare, Akamai and Azure WAF.
o   Email Security tools such as Proofpoint, Mimecast and Microsoft Defender for Office
o   Data Loss Prevention (DLP) tools such as Microsoft Purview, McAfee and Symantec
o   Nice to have skills/experience includes:
§  Google Cloud Platform (GCP) security tools such as Chronicle and Security Command Centre
§  Amazon Web Services (AWS) security tools such as Security Hub, AWS Guard Duty, AWS Macie, AWS Config and AWS CloudTrail
·       Experience of analysing malware and email headers, and has skills in network security, intrusion detection and prevention systems; operating systems; risk identification and analysis; threat identification and analysis and log analysis.
·       Experience of security controls, such as network access controls; identity, authentication, and access management controls (IAAM); and intrusion detection and prevention controls.
·       Knowledge of security standards (good practice) such as NIST, ISO27001, CIS (Center for Internet Security), OWASP and Cloud Controls Matrix (CCM) etc.
·       Experience with scripting and coding with languages such as Terraform, python, javascript, golang, bash and/or powershell.
·       Experience with DevOps practices and tools such as Backlogs, Repo’s, Pipelines, Artifacts, CI/CD, JIRA, Azure DevOps, CircleCI, GitHub Actions, Ansible and/or Jenkins.
·       Computer science, engineering, or information technology related degree (although not a strict requirement)
·       Holds one, or more, of the following certificates (or equivalent): -
o   Certified Information Security Systems Professional (CISSP)
o   Microsoft Certified: Azure Security Engineer Associate (AZ500)
o   Microsoft Certified: Security Operations Analyst Associate (SC-200)
o   CREST Practitioner Intrusion Analyst (CPIA)
o   CREST Registered Intrusion Analyst (CRIA)
o   CREST Certified Network Intrusion Analyst (CCNIA)
o   Systems Security Certified Practitioner (SSCP)
o   Certified Cloud Security Professional (CCSP)
o   GIAC Certified Incident Handler (GCIH)
o   GIAC Security Operations Certified (GSOC)
·       A highly self-motivated and proactive individual who wants to learn and grow and has an attention to detail.
·       A great analyser, trouble-shooter and problem solver who understands security operations, programming languages and security architecture.
·       Highly organised and detail oriented. Ability to prioritise, multitask and work under pressure.
·       An individual who shows a willingness to go above and beyond in delighting the customer.
·       A good communicator who can explain security concepts to both technical and non-technical audiences.
About Rackspace Technology
We are the multicloud solutions experts. We combine our expertise with the world’s leading technologies — across applications, data and security — to deliver end-to-end solutions. We have a proven record of advising customers based on their business challenges, designing solutions that scale, building and managing those solutions, and optimizing returns into the future. Named a best place to work, year after year according to Fortune, Forbes and Glassdoor, we attract and develop world-class talent. Join us on our mission to embrace technology, empower customers and deliver the future.
 
 
More on Rackspace Technology
Though we’re all different, Rackers thrive through our connection to a central goal: to be a valued member of a winning team on an inspiring mission. We bring our whole selves to work every day. And we embrace the notion that unique perspectives fuel innovation and enable us to best serve our customers and communities around the globe. We welcome you to apply today and want you to know that we are committed to offering equal employment opportunity without regard to age, color, disability, gender reassignment or identity or expression, genetic information, marital or civil partner status, pregnancy or maternity status, military or veteran status, nationality, ethnic or national origin, race, religion or belief, sexual orientation, or any legally protected characteristic. If you have a disability or special need that requires accommodation, please let us know.
About Rackspace Technology
We are the multicloud solutions experts. We combine our expertise with the world’s leading technologies — across applications, data and security — to deliver end-to-end solutions. We have a proven record of advising customers based on their business challenges, designing solutions that scale, building and managing those solutions, and optimizing returns into the future. Named a best place to work, year after year according to Fortune, Forbes and Glassdoor, we attract and develop world-class talent. Join us on our mission to embrace technology, empower customers and deliver the future.
 
 
More on Rackspace Technology
Though we’re all different, Rackers thrive through our connection to a central goal: to be a valued member of a winning team on an inspiring mission. We bring our whole selves to work every day. And we embrace the notion that unique perspectives fuel innovation and enable us to best serve our customers and communities around the globe. We welcome you to apply today and want you to know that we are committed to offering equal employment opportunity without regard to age, color, disability, gender reassignment or identity or expression, genetic information, marital or civil partner status, pregnancy or maternity status, military or veteran status, nationality, ethnic or national origin, race, religion or belief, sexual orientation, or any legally protected characteristic. If you have a disability or special need that requires accommodation, please let us know.
undefined

Similar Jobs

KBG Blockchain Game Studios - Technical Lead (Blockchain Project)

KBG Blockchain Game Studios

Thành Phố Hồ Chí Minh, Vietnam (On-Site)
10 Months ago
McDonald's Corporation - Software Engineer II - (C#/Angular)

McDonald's Corporation

Mexico City, Mexico (Hybrid)
2 Months ago
Sprinkler - Lead - Product Engineer - Backend

Sprinkler

Gurugram, Haryana, India (On-Site)
2 Weeks ago
Globalization Partners - Software Engineering Manager/Sr. Software Engineering Manager

Globalization Partners

Northern Ireland, United Kingdom (Remote)
1 Week ago
Hudl - Senior Software Engineer

Hudl

Lexington, Kentucky, United States (Hybrid)
1 Month ago
On Location - Senior Security Manager, Milano-Cortina 2026 Olympic & Paralympic Games

On Location

Milan, Lombardy, Italy (On-Site)
4 Months ago
ION - Senior Security Architect

ION

Milan, Lombardy, Italy (On-Site)
7 Months ago
Google - Staff Software Engineer, Product Security Engineering, Cloud CISO

Google

Seattle, Washington, United States (On-Site)
1 Month ago
Trek - IT Security Operations Analyst

Trek

Haryana, India (On-Site)
3 Months ago
NVIDIA - Networking Architecture Intern, Security Research

NVIDIA

Cambridge, England, United Kingdom (On-Site)
1 Month ago

Get notifed when new similar jobs are uploaded

Similar Skill Jobs

Alphasense - Senior Cloud Security Engineer

Alphasense

Delhi, India (On-Site)
1 Week ago
DEVOTEAM - Business Analyst Government

DEVOTEAM

Amsterdam, North Holland, Netherlands (On-Site)
2 Weeks ago
Boomi - Software Principal Engineer

Boomi

Ramat Gan, Tel Aviv District, Israel (Hybrid)
1 Month ago
datcroft - JAVA ENGINEER

datcroft

Voronezh, Voronezh Oblast, Russia (On-Site)
3 Weeks ago
Scopely - Principal Server Engineer, Infrastructure

Scopely

Barcelona, Catalonia, Spain (On-Site)
4 Months ago
Tide - Senior Engineer, Python (Data & AI)

Tide

Sofia, Sofia City Province, Bulgaria (Hybrid)
1 Month ago
Capgemini - Data Analytics Lead

Capgemini

Mumbai, Maharashtra, India (On-Site)
2 Weeks ago
CGS Carrers - Lead Frontend Engineer

CGS Carrers

Indonesia (Remote)
2 Weeks ago
Adobe - Big Data Engineer

Adobe

Bengaluru, Karnataka, India (On-Site)
2 Weeks ago
IBKR External - Senior Python Developer

IBKR External

Hyderabad, Telangana, India (Hybrid)
2 Weeks ago

Get notifed when new similar jobs are uploaded

Jobs in Gurugram, Haryana, India

Capgemini - Azure Devops + Terraform

Capgemini

Pune, Maharashtra, India (On-Site)
2 Weeks ago
Consilio LLC - Software Developer

Consilio LLC

Bengaluru, Karnataka, India (On-Site)
6 Months ago
ION - Senior Credit Research Analyst - 271

ION

Mumbai, Maharashtra, India (On-Site)
7 Months ago
InvenioLSI - Full Stack Consultant

InvenioLSI

Hyderabad, Telangana, India (On-Site)
2 Weeks ago
Capgemini - FW - Development

Capgemini

Bengaluru, Karnataka, India (On-Site)
2 Weeks ago
Devrev - Customer Success Manager

Devrev

Chennai, Tamil Nadu, India (On-Site)
2 Weeks ago
Toppan Merrill - Systems Engineer

Toppan Merrill

Chennai, Tamil Nadu, India (On-Site)
8 Months ago
NCR Atleos - .NET Fullstack Developer III

NCR Atleos

Mumbai, Maharashtra, India (On-Site)
3 Weeks ago
Accenture - Sales Operations Manager

Accenture

Bengaluru, Karnataka, India (Hybrid)
1 Month ago
Rockstar Games - Associate Dialogue Editor

Rockstar Games

Bengaluru, Karnataka, India (On-Site)
1 Week ago

Get notifed when new similar jobs are uploaded

Cyber Security Jobs

Sporty Group - Director of IT & Security

Sporty Group

(Remote)
1 Month ago
CloudLinux - Senior Python Developer with Security Expertise

CloudLinux

Sofia City Province, Bulgaria (Remote)
2 Months ago
Varonis  - Cloud Security Researcher

Varonis

Herzliya, Tel Aviv District, Israel (On-Site)
7 Months ago
ION - Intermediate IT Auditor, Italy

ION

Collecchio, Emilia-Romagna, Italy (On-Site)
7 Months ago
ByteDance - Full-Stack Software Engineer - Security Operation Center

ByteDance

San Jose, California, United States (On-Site)
7 Months ago
Rockstar Games - Director, Security Operations

Rockstar Games

New York, New York, United States (On-Site)
7 Months ago
Google - AI Information Security Engineer

Google

Zürich, Zurich, Switzerland (On-Site)
1 Month ago
PwC - Senior Experimentado - Application support analyst

PwC

Buenos Aires, Buenos Aires, Argentina (On-Site)
7 Months ago
Google - Security Analyst, Detection Response

Google

Dublin, County Dublin, Ireland (On-Site)
1 Month ago
Plarium - SecOps Engineer

Plarium

Herzliya, Tel Aviv District, Israel (On-Site)
1 Month ago

Get notifed when new similar jobs are uploaded

About The Company

Gurugram, Haryana, India (Remote)

Bengaluru, Karnataka, India (Remote)

Gurugram, Haryana, India (Remote)

Toronto, Ontario, Canada (Remote)

Jalisco, Mexico (Remote)

Gurugram, Haryana, India (Remote)

View All Jobs

Get notified when new jobs are added by Rackspace Technology

Level Up Your Career in Game Development!

Transform Your Passion into Profession with Our Comprehensive Courses for Aspiring Game Developers.

Job Common Plug