CHENNAI · FULLTIME
SOC Engineer (L3)
Larsen & Toubro-Vyoma
Chennai · onsite · Posted 1d ago
Your match
Sign in to see your match score, skill gaps & tailored resume.
Section · 01
About this role
Job Purpose The SOC L3 acts as the Senior technical escalation point within the SOC, leading threat hunting, advanced incident investigations, security engineering improvements, and strategic cyber defence initiatives. Protect multi‑tenant GPU cloud with
defense ‑
in ‑
depth , ensuring
zero ‑
trust ,
auditability , and
regulatory alignment .
Roles & Responsibilities
- Lead investigation of sophisticated cyber attacks and advanced persistent threats (APTs).
- Perform proactive threat hunting across enterprise environments.
- Develop advanced detection engineering use cases.
- Design and optimize SIEM, SOAR, XDR, and cloud security monitoring capabilities.
- Conduct forensic investigations across endpoints, networks, cloud, and identity platforms.
- Develop incident response playbooks and automation workflows.
- Lead post-incident reviews and lessons-learned sessions.
- Provide security recommendations to architecture and engineering teams.
- Mentor SOC L1/L2 analysts and support career development.
- Coordinate with Threat Intelligence and Red Team functions.
- Support security audits, compliance, and executive reporting.
- ON-CALL Support for L2/L1 support team.
- Implementation
- Enforce
IAM/RBAC ,
least privilege , and
network micro ‑
segmentation ; secrets/KMS integration.
- Define
secure baselines for OS, containers, CUDA drivers, and platform services; supply‑chain controls (image signing/SBOM).
- Implement and management experience of cloud network security controls such as security groups, firewalls, WAF, DDoS, micro-segmentation, EDR, DLP, PIM/PAM and secure connectivity etc
- Operations Continuous
vulnerability management , patch cadence,
threat detection (EDR/XDR), and audit log integrity. Periodic
access reviews ,
key rotation , and compliance evidence packs.
- Reliability & Incident Incident response (containment/forensics/eradication); purple‑team exercises; tabletop drills.
- Data Protection Encryption in ‑
transit/at ‑
rest , tenant isolation boundaries,
data retention , legal holds, and purge workflows.
Experience & Educational Requirement BE/B-Tech or equivalent with Computer Science or Electronics & Communication
Certifications :- CISSP; CISM/CISA; CCSP; ISO 27001 Lead Implementer/Auditor, GCFA, GCTI, CISSP, CCSP, AZ-500, SC-100, SC-200, GIAC Certifications, Microsoft Cybersecurity Architect Expert, Kubernetes Security Specialist.
RELEVANT EXPERIENCE
- 8–15 years cybersecurity; strong cloud security,
zero ‑
trust , and data privacy in regulated environments.
- Deep expertise in Sentinel, Splunk, QRadar, Chronicle, or equivalent SIEM platforms.
- Advanced knowledge of Microsoft Defender XDR, Defender for Cloud, CrowdStrike, SentinelOne, and other XDR solutions.
- Strong threat hunting expertise using MITRE ATT&CK framework.
- Expertise in cloud security (Azure, AWS, GCP).
- Digital forensics and malware reverse engineering knowledge.
- Security automation using Python, PowerShell, Logic Apps, SOAR platforms.
- Detection engineering and threat modeling skills.
- Knowledge of Zero Trust Architecture and Identity Security.
- Ability to lead major security incidents and crisis management efforts.
- Experience with Active Directory, Microsoft Entra ID, CyberArk, or enterprise PAM solutions.
- Experience with NIST CSF, NIST 800-61, MITRE, CIS Controls, and ATTACK evaluations.
- Experience building SOC metrics, executive dashboards, and reporting for senior leadership.
- Experience with security architecture reviews and cloud landing zone security.
- Investigate advanced identity-based attacks involving Active Directory, Microsoft Entra ID, PAM, IAM, Kerberos, and hybrid identity environments.
- Lead investigations involving Kubernetes, container runtime, virtualization platforms, and GPU infrastructure security.
Tools / Tech SIEM (Splunk/ELK), EDR/XDR, image scanners (Trivy/Clair), OPA/Gatekeeper, Vault/KMS/HSM, HashiCorp Boundary (or equivalent), NVIDIA DCGM, NVIDIA BCM, Firewalls, DDOS, WAF, LB, VAM, PAM
Sourced from linkedin · view original
Let the agent run this one for you.
Tailored resume, auto-apply, and referral lookup — in under 2 minutes.
Section · 02