Job Description
We require a SOC professional with 8+ years of experience who will be responsible for working on escalated events, collecting evidence, performing analysis and forensic investigation, finding the root cause of incidents, and providing troubleshooting steps.
The primary function of this position is to work as a Microsoft Sentinel Expert who can perform alert management and high-level investigation, including but not limited to log analysis, forensic evidence collection and analysis, root cause identification, and remediation steps.
+ Security Operation Centre (SOC) L3
+ Incident response
+ Security incident investigation & triage
+ Threat hunting
+ Forensic analysis
+ Malware analysis
+ Microsoft Sentinel
+ Level 3 SOC Support
+ Tool experience - MS Sentinel, MS Defender, SentinelOne
**Key Responsibilities Include:**
+ Investigate escalated incidents from Tier 2 analysts, including advanced persistent threats (APTs) and zero-day attacks.
+ Perform root cause analysis and identify the scope of a breach.
+ Conduct proactive threat hunting based on threat intelligence and anomalous patterns in logs.
+ Develop hypotheses for undetected threats and test them against collected SIEM logs.
+ Use forensic tools (e.g. FTK, Wireshark) for investigations.
+ Develop custom detection rules for SIEM and EDR tools to improve detection capabilities.
+ Fine-tune existing rules to reduce false positives and improve efficiency.
+ Lead major incident response efforts and guide T1 and T2 analysts.
+ Prepare detailed reports and executive summaries for stakeholders.
+ Work closely with Threat Intelligence and Red Teams to enhance detection capabilities.
+ Mentor and train junior analysts on advanced techniques and tools.
**Skills and Qualifications:**
+ Advanced knowledge of SIEM, EDR, forensic tools, and malware analysis.
+ Deep understanding of networking (e.g., firewalls, IDS/IPS), operating systems (Windows/Linux), and attack techniques (MITRE ATT&CK).
+ Leadership skills to guide junior analysts and manage high-pressure incidents.
+ Strong communication skills for translating technical findings into actionable insights.
+ 3+ years of experience in cybersecurity, with expertise in SOC operations.
+ Certifications (nice to have): CISSP, **GIAC GCIH, GCFA**, OSCP, or equivalent.
+ Preference will be given to candidates who are MS Azure Security certified engineers or GIAC/SANS certified engineers, and to candidates with prior experience working on the Azure Sentinel SIEM tool. Azure Sentinel knowledge is mandatory for this position.
Application Accepted: 11/25/2025
The annual salary for this position is between $90K and $100K, depending on experience and other qualifications of the successful candidate.
This position is also eligible for Cognizant's discretionary annual incentive program, based on performance and subject to the terms of Cognizant's applicable plans.
Benefits: Cognizant offers the following benefits for this position, subject to applicable eligibility requirements:
+ Medical/Dental/Vision/Life Insurance
+ Paid holidays plus Paid Time Off
+ 401(k) plan and contributions
+ Long-term/Short-term Disability
+ Paid Parental Leave
+ Employee Stock Purchase Plan
Disclaimer: The salary, other compensation, and benefits information is accurate as of the date of this posting. Cognizant reserves the right to modify this information at any time, subject to applicable law.
Our strength is built on our ability to work together. Our diverse backgrounds offer different perspectives and new ways of thinking. It encourages lively discussions, creativity, productivity, and helps us build better solutions for our clients. We want someone who thrives in this setting and is inspired to craft meaningful solutions through true collaboration.
If you are content with ambiguity, excited by change, and excel through autonomy, we'd love to hear from you!
Cognizant is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to sex, gender identity, sexual orientation, race, color, religion, national origin, disability, protected Veteran status, age, or any other characteristic protected by law.