Systems Engineer - SOC

IMEA (India, Middle East, Africa)

India

LIXIL INDIA PVT LTD

Employee Assignment

Not remote

Full Time

2 June 2025

This is a 6 days working shift based role to provide 24x7 global infrastructure support.

This is a work from office role.

Key Responsibilities

• Proactively monitor 24x7 security alerts (SIEM) and infrastructure alarms to ensure system integrity and availability.
• Analyze logs and perform initial triage of security incidents and IT faults to distinguish between false positives and critical threats.
• Investigate suspicious indicators (IPs, Hashes, URLs) using threat intelligence sources like VirusTotal to prioritize incidents based on severity.
• Execute L1 security playbooks and IT SOPs/KEDB to resolve routine incidents and service requests within defined SLAs.
• Document investigation findings accurately in ticketing systems and escalate complex security or infrastructure issues to Tier 2/3 teams.
• Assist in maintaining monitoring dashboards and generate regular KPI reports on security alert trends and system health.
  
  

• Minimum 2-5 years of combined experience in SOC operations and Infrastructure support, with specific L2-level expertise..
• Strong command of networking (OSI, TCP/IP, DNS) and cybersecurity principles (CIA Triad, Cyber Kill Chain, MITRE ATT&CK) to effectively analyze attack vectors.
• Hands-on experience with SIEM tools (Splunk, Sentinel, QRadar) and EDR solutions (CrowdStrike, Defender) for log analysis, alert monitoring, and incident triage.
• Proficiency in Windows and Linux command-line navigation with the ability to deeply analyze system logs (Event Viewer, Syslog) for anomalies and suspicious activities.
• Experience working in a 24x7 rotational shift environment with a strong track record of adhering to SLAs and documenting incidents via tools like ServiceNow or Jira.
• Excellent problem-solving skills to troubleshoot complex issues across the stack from network packets to VM performance and security alerts
  
  

• Valid security credentials (CompTIA Security+, CySA+, BTL1, CEH,CompTIA Network+) are highly preferred
• Proficiency in scripting languages (Python, PowerShell, PowerCLI, Bash) and automation tools (Ansible, Terraform) to streamline incident response and infrastructure management tasks.
• Exposure to Cloud Security monitoring (AWS, Azure, GCP) and experience utilizing Threat Intelligence platforms and OSINT for deeper analysis.
• Foundation level knowledge with additional virtualization, server, network and cloud..
  
  

• Bachelor’s degree in Information Technology, Computer Science, Cybersecurity, or a related field.