Monitor, detect, and respond to security threats in real time using SIEM and EDR platforms, protecting enterprise systems at APPIT Software Solutions in Hyderabad.
Hyderabad, India
Full-time
Cybersecurity
Responsibilities
Monitor security alerts and events from SIEM platforms (Splunk, Microsoft Sentinel, or Elastic SIEM) around the clock
Perform initial triage, investigation, and escalation of security incidents following established playbooks and runbooks
Analyze logs from firewalls, IDS/IPS, EDR, proxy servers, and cloud environments to identify indicators of compromise
Develop and tune SIEM detection rules, correlation logic, and alert thresholds to reduce false positives
Document incident timelines, root cause analyses, and lessons learned for post-incident reviews
Collaborate with threat intelligence and vulnerability management teams to proactively identify emerging risks
Requirements
3+ years of experience as a SOC analyst or in a security monitoring role
Hands-on experience with SIEM platforms (Splunk, Sentinel, QRadar, or Elastic SIEM)
Strong knowledge of common attack vectors, malware families, and intrusion detection techniques
Understanding of network security fundamentals (TCP/IP, DNS, HTTP, TLS) and log analysis
Experience with endpoint detection and response (EDR) tools such as CrowdStrike, SentinelOne, or Carbon Black
Familiarity with incident response frameworks (NIST SP 800-61, SANS Incident Handling)
Nice to Have
CompTIA CySA+, GCIH, or BTL1 certification
Experience with SOAR platforms for automated incident response
Knowledge of threat hunting techniques using MITRE ATT&CK