SOC Analyst - L1

<h2>Job Description</h2> <p><strong>Job Title</strong>: SOC Analyst - L1</p> <p><strong>Location</strong>: Mumbai</p> <p><strong>Type:&nbsp;</strong>Onsite – Work from office, 24x7</p> <hr> <p><strong>About Neysa</strong>:</p> <p>Neysa is an AI Acceleration Cloud System provider, dedicated to democratizing AI adoption&nbsp;with purpose-built platforms and services for AI-native applications and workloads. Co-founded by industry leaders, we empower businesses to discover, deploy, and scale&nbsp;Generative AI (Gen AI) and AI use cases securely and cost-effectively. Our flagship&nbsp;platforms—Neysa Velocis, Neysa Overwatch, and Neysa Aegis—accelerate AI deployment,&nbsp;optimize network performance, and safeguard AI/ML landscapes. We are committed to&nbsp;enabling AI-led innovation across industries and geographies.</p> <p class="p2"><strong>1. About the Role</strong></p> <p class="p3">At Neysa, our SOC Analysts are the first line of defence in our security ecosystem. This role</p> <p class="p3">is designed for a detail-oriented professional who excels at monitoring, triaging, and</p> <p class="p3">investigating security events in real-time. As an L1.5 analyst, you will be responsible for the</p> <p class="p3">initial "deep dive" into alerts, ensuring that potential threats are identified, analysed, and</p> <p class="p3">documented with precision. This is a foundational role where your ability to connect</p> <p class="p3">disparate data points will directly protect our business landscape.</p> <p class="p2"><strong>2. Key Expectations &amp; Responsibilities</strong></p> <p class="p3"><span class="s1">•</span><span class="s2"><span class="Apple-converted-space">&nbsp;</span></span><strong>Alert &amp; Log Analysis:</strong><span class="Apple-converted-space">&nbsp;</span>Ability to work on log and alert analyses based on the</p> <p class="p3">security alerts generated by the SIEM system.</p> <p class="p3"><span class="s1">•</span><span class="s2"><span class="Apple-converted-space">&nbsp;</span></span><strong>Correlation:</strong><span class="Apple-converted-space">&nbsp;</span>Ability to correlate multiple alerts to connect the dots and detect an</p> <p class="p3">overall threat pattern.</p> <p class="p3"><span class="s1">•</span><span class="s2"><span class="Apple-converted-space">&nbsp;</span></span><strong>SLA &amp; Reporting:</strong><span class="Apple-converted-space">&nbsp;</span>Ability to work as per defined SLAs and generate SIEM reports</p> <p class="p3">according to business requirements.</p> <p class="p3"><span class="s1">•</span><span class="s2"><span class="Apple-converted-space">&nbsp;</span></span><span class="s3">Daily Investigation:<span class="Apple-converted-space">&nbsp;</span></span>Assist in investigating security logs across various sources</p> <p class="p3">including Network traffic, Firewalls, IPS, WAF, Endpoints, O365, Cloud and</p> <p class="p3">Databases.</p> <p class="p3"><span class="s1">•</span><span class="s2"><span class="Apple-converted-space">&nbsp;</span></span><strong>Incident Analysis:</strong><span class="Apple-converted-space">&nbsp;</span>Experience performing analysis of phishing incidents, malware</p> <p class="p3">incidents, C&amp;C traffic, signature triggers, firewall logs etc.</p> <p class="p3"><span class="s1">•</span><span class="s2"><span class="Apple-converted-space">&nbsp;</span></span><strong>Framework Knowledge:</strong><span class="Apple-converted-space">&nbsp;</span>Understanding of the MITRE ATT&amp;CK framework and</p> <p class="p3">Cyber Kill Chain framework.</p> <p class="p3"><span class="s1">•</span><span class="s2"><span class="Apple-converted-space">&nbsp;</span></span><strong>Foundations:</strong><span class="Apple-converted-space">&nbsp;</span>Basic but strong understanding of networking, firewalls, Linux</p> <p class="p3">environments, security policies, vulnerabilities, and Indicators of Compromise (IoCs).</p> <p class="p3"><strong>Added Advantages (Good to have):</strong></p> <p class="p3"><span class="s1">•</span><span class="s2"><span class="Apple-converted-space">&nbsp;</span></span><strong>Use Case Support:</strong><span class="Apple-converted-space">&nbsp;</span>Previous experience or interest in assisting with the creation of</p> <p class="p3">detection rules/use cases in a SIEM.</p> <p class="p3"><span class="s1">•</span><span class="s2"><span class="Apple-converted-space">&nbsp;</span></span><strong>Proactive Support:</strong><span class="Apple-converted-space">&nbsp;</span>Familiarity with basic threat hunting techniques to look for</p> <p class="p3">anomalies in the environment.</p> <p class="p2"><strong>3. Experience &amp; Qualification</strong></p> <p class="p3"><span class="s1">•</span><span class="s2"><span class="Apple-converted-space">&nbsp;</span></span><strong>Experience:</strong><span class="Apple-converted-space">&nbsp;</span>1 - 3 years of experience working in a Security Operations Center (SOC)</p> <p class="p3">with a primary focus on log analysis, incident management, incident reporting, and</p> <p class="p3">Root Cause Analysis (RCA).</p> <p class="p3"><span class="s1">•</span><span class="s2"><span class="Apple-converted-space">&nbsp;</span></span><strong>Availability:</strong><span class="Apple-converted-space">&nbsp;</span>Readiness to work in<span class="Apple-converted-space">&nbsp;</span><strong>24/7 rotational shifts</strong>.</p> <p class="p3"><span class="s1">•</span><span class="s2"><span class="Apple-converted-space">&nbsp;</span></span><strong>Desired Certification (Any one):</strong></p> <p class="p3">Blue Team Level 1 (BTL1)</p> <p class="p3">Certified Ethical Hacker (CEH)</p>