Alphasense

Security Operations Analyst

Operations | Full-time | Remote - India
SALARY
Not specified
WORK TYPE
remote
JOB TYPE
full-time
INDUSTRY
ai

About the Role

The Security Operations Center (SOC) Analyst is a position responsible for monitoring, analyzing, and triaging security events and alerts. This role supports the AlphaSense Security Operations Center by performing initial investigation and triage of potential security events and escalating them according to defined procedures. This role reports to the Security Operations Manager.

Alert triage and investigation

  • Monitor and triage security alerts across SIEM, EDR, cloud security, identity and other platforms
  • Perform initial investigation on escalated events, collecting and correlating evidence across log sources
  • Execute containment and remediation actions under defined escalation thresholds
  • Maintain accurate and timely documentation in the incident tracking system

Detection and threat intelligence

  • Contribute to YARA-L rule development and tuning in Chronicle/Google SecOps
  • Assist with CrowdStrike Falcon IOA and prevention policy maintenance
  • Review and act on SOCRadar threat intelligence feeds, correlating IOCs against internal telemetry
  • Identify detection gaps and recommend coverage improvements

Cloud and identity security

  • Triage cloud security findings from the monitored cloud environments
  • Investigate identity anomalies, including suspicious login patterns and MFA bypass attempts
  • Support cloud incident response investigations and the associated log analysis

Program development

  • Author and maintain SOC runbooks and triage playbooks
  • Participate in knowledge transfer during shift handoff
  • Support compliance-adjacent security activities

Who You Are

Basic Requirements

  • 2–4 years of SOC, incident response, or security operations experience
  • Bachelor's degree (B.Tech) from a Tier 1 or Tier 2 institution
  • Hands-on experience with a SIEM platform (Chronicle, Splunk, Sentinel, or equivalent)
  • Familiarity with EDR tooling (CrowdStrike Falcon preferred)
  • Foundational understanding of cloud security concepts across AWS or GCP
  • Working knowledge of identity threat patterns (credential stuffing, MFA fatigue, account takeover)
  • Ability to read and interpret logs: authentication, network, endpoint, and cloud audit trails
  • Strong written communication skills — clear, concise incident documentation and escalation summaries

Preferred

  • Exposure to CSPM/CWPP platforms
  • Familiarity with a range of log schemas
  • Scripting proficiency in Python or