L2 SOC

Job Overview

We are seeking an experienced MDR (Managed Detection and Response) L3 Engineer to join our Data Center team. This role involves providing advanced-level expertise in monitoring, threat detection, incident response, and remediation within a data center environment. The ideal candidate will have a deep understanding of cybersecurity principles, tools, and best practices tailored to large-scale infrastructure.

Job Location

Panvel/Chennai

Roles & Responsibilities

Incident Detection and Response

• Monitor, analyze, and investigate security alerts across a multi-tenant data center.
• Act as the escalation point for L1 and L2 MDR teams.
• Lead threat hunting activities to identify and mitigate advanced persistent threats (APTs).
• Perform root cause analysis of security incidents and recommend preventive measures.
  
  

Security Infrastructure Management

• Manage, configure, and optimize SIEM, EDR, NDR, and other detection tools.
• Ensure the security of on-premise and cloud-based systems used in the data center.
• Develop and maintain custom detection rules, scripts, and playbooks.
  
  

Collaboration and Documentation

• Work closely with network, systems, and cloud engineering teams to mitigate risks.
• Document processes, incident reports, and resolutions.
• Provide training and mentorship to L1 and L2 analysts.
  
  

Compliance and Risk Mitigation

• Support compliance initiatives (e.g., GDPR, PCI-DSS, ISO 27001) as applicable.
• Proactively identify and mitigate vulnerabilities within the data center environment.
  
  

EDUCATIONAL QUALIFICATIONS: (degree, training, and certification required)

• BE/B-Tech or equivalent with Computer Science/IT or Electronics & Communication
  
  

Relevant Experience

• 7+ years of experience in cybersecurity, with at least 3 years in MDR/SOC operations.
• Strong expertise in data center security, including network security, endpoint security, and vulnerability management.
• Hands-on experience with SIEM platforms (e.g., Splunk, QRadar), EDR tools (e.g., CrowdStrike, SentinelOne), and firewalls.
• Advanced knowledge of threat landscapes, attack techniques, and mitigation strategies.
• Proficiency in scripting (Python, PowerShell, etc.) for automation and rule creation.
• Certifications such as CISSP, CEH, OSCP, or GIAC (GCIH, GCIA).
• Experience with cloud platforms like AWS, Azure, or GCP.
• Familiarity with Zero Trust and microsegmentation principles.