SOC Analyst Cyber Security Analyst

About Sopra Steria
Sopra Steria, a major Tech player in Europe with 51,000 employees in nearly 30 countries, is recognised for its consulting, digital services and solutions. It helps its clients drive their digital transformation and obtain tangible and sustainable benefits. The Group provides end-to-end solutions to make large companies and organisations more competitive by combining in-depth knowledge of a wide range of business sectors and innovative technologies with a collaborative approach. Sopra Steria places people at the heart of everything it does and is committed to putting digital to work for its clients in order to build a positive future for all. In 2025, the Group generated revenues of €5.6 billion.
The world is how we shape it.

Location - Chennai / BLR

Environment: Palo Alto SOAR, Splunk, Microsoft MDE and Sentinel

Should be open to work in European shift hours and 24x7 if required.

Role Overview

The SOC Analyst (L1/L2) and Lead are responsible for proactive monitoring, detection, investigation, and response to security threats using industry-leading solutions. The Lead also guides the team, architecting and optimising SOC workflows and systems to ensure robust organisational security.

Key Responsibilities:

Monitoring & Detection Tools

1. Use, configure, and optimize SIEM tools (Splunk, IBM QRadar, Microsoft Sentinel, LogRhythm, ArcSight, Elastic SIEM) for threat identification and alert management.
2. Monitor network, endpoint, and cloud environments for anomalous activity.

Incident Detection & Response

1. Triage and prioritise alerts, investigate suspicious activity, and conduct malware analysis (static and dynamic).
2. Perform root cause analysis (RCA) and drive incident response flows (containment, eradication, recovery).
3. Prepare and maintain documentation for incidents, actions, and outcomes.

Endpoint Security & Investigation

1. Operate Microsoft Defender for Endpoint, conduct threat hunting via EDR telemetry and memory dumps.
2. Investigate endpoint alerts, correlate findings, and escalate complex cases as needed.

Network Security & Vulnerability Management

1. Analyze network traffic and manage perimeter security using firewalls (Palo Alto, Fortinet, Cisco ASA).
2. Administer DLP and email security systems.
3. Conduct vulnerability scans and assessments with tools like Qualys.

Threat Intelligence Integration

1. Ingest and correlate IOCs; map attacker TTPs to active threats.
2. Integrate threat intelligence feeds into SOC workflows for improved detection and response.

Must-Have Skills

1. Strong knowledge of SIEM platforms and alert investigation.
2. Advanced incident response, malware analysis, and RCA expertise.
3. Deep knowledge of endpoint and network security tools.
4. Threat hunting and forensic investigation capabilities.
5. Familiarity with vulnerability management and DLP/email security.
6. Experience with threat intelligence platforms and TTP mapping.
7. Strong analytical, communication, and documentation skills.
8. Leadership and team management (Lead role).

Desired Skills

1. Scripting/automation (Python, PowerShell, Shell).
2. SOAR platform experience.
3. Regulatory compliance awareness (PCI DSS, GDPR, HIPAA, ISO 27001).
4. Continuous improvement and policy development mindset.

Certifications (Preferred)

1. Security+, CySA+,
2. SC-200 . SC-900
3. Certified SOC Analyst (CSA)
4. Vendor SIEM/EDR certifications (Splunk, QRadar, Sentinel, Defender)

Total Experience Expected: 04-06 years

Qualification includes Bachelor / Masters Degree in Information Technology, Cybersecurity or Engineering, or equivalent qualification

Should be open to work in European shift hours.

At our organization, we are committed to fighting against all forms of discrimination. We foster a work environment that is inclusive and respectful of all differences.

All of our positions are open to people with disabilities.