Consultant
Job Description
Job Summary
- Location: Bangalore
- Project role: Consultant
- Qualification: B-Tech
- Experience: 4.5-8 Years
- Skills: SAP BASIS
- Secondary Skills: CAM 350
- No. of positions: 1
Job description:
Senior SOC Analyst / SOC Lead, Private Cloud Security Incident Response Team

Profile Summary

Highly experienced SOC Analyst / Security Incident Responder with expertise in multi-cloud security (AWS, Azure, GCP), SAP security, and enterprise infrastructure protection. Proven ability to detect, investigate, and respond to complex security incidents in large-scale private cloud environments hosting thousands of customer SAP landscapes. Strong hands-on experience with cloud-native security tools (AWS GuardDuty, Azure Defender, GCP SCC), SIEM, SOAR, EDR, and network security. Deep knowledge of Linux, Windows, and SAP Basis security, along with incident response best practices (NIST 800-61, MITRE ATT&CK).

Key Skills & Expertise

Security Operations & Threat Detection
- Incident detection, triage, and response using SIEM (Splunk, Sentinel, Chronicle, QRadar, etc.)
- SOAR-based automation for response & remediation
- Threat intelligence & hunting (MITRE ATT&CK, Sigma rules, YARA)
- Malware analysis & forensic investigations
- Insider threat monitoring & UEBA

Multi-Cloud Security (AWS, Azure, GCP)
- AWS: GuardDuty, Security Hub, CloudTrail, IAM, Network Firewall, KMS, SCPs, Macie
- Azure: Microsoft Defender for Cloud, Sentinel, Log Analytics, Key Vault, NSG
- GCP: Security Command Center (SCC), Forseti, Cloud Armor, VPC Service Controls
- Cross-cloud IAM, network security, compliance controls (CIS, NIST, ISO 27001)

SAP Security & Basis Administration
- Secure SAP NetWeaver, HANA DB, S/4HANA in cloud environments
- SAP security hardening, RFC security, SNC, SAProuter
- SAP audit logs, STAD, SM19/SM20 security trace monitoring

Windows & Linux Security
- Hardening & compliance: CIS Benchmarks, STIGs
- Endpoint detection (Microsoft Defender, CrowdStrike, SentinelOne)
- Sysmon & Windows Event logging
- Linux security monitoring (Auditd, SELinux, AppArmor)
- Privileged Access Management (PAM) & sudo policies

Network & Perimeter Security
- Firewalls, NGFW (Palo Alto, FortiGate, Check Point)
- WAF (Cloudflare, AWS WAF, Azure WAF)
- Proxy & web filtering (Cisco Umbrella, Zscaler)
- NDR (Darktrace, ExtraHop, Vectra AI)
- Zero Trust & network segmentation

Incident Response & Digital Forensics
- NIST 800-61, ISO 27035, CREST Incident Response methodology
- Forensic tools: Velociraptor, Autopsy, FTK, Volatility
- Memory & disk forensics (Windows, Linux)
- Cloud forensics (AWS Athena, GCP BigQuery, Azure KQL)

Experience Requirements
- 7+ years in SOC / Threat Detection & Incident Response
- 3+ years in multi-cloud security (AWS, Azure, GCP)
- 2+ years handling SAP security incidents & hardening
- Strong Windows/Linux admin & security skills
- Hands-on network security monitoring & analysis

Responsibilities
- To adhere to quality standards, regulatory requirements and company policies
- To ensure a positive customer experience and CSAT through First Call Resolution and a minimum of rejected resolutions / reopened cases
- To participate in or contribute to EN business in the creation of proposals that drive service improvement plans
- To independently resolve tickets and ensure that the agreed SLA for ticket volume and resolution time is met for the team
- To provide support for on-call escalations / L3-level support and to perform incident and problem management
- To work on value-adding activities such as knowledge base updates and management, training freshers, coaching analysts, and conducting interviews / participating in hiring drives