Tier 2 SOC Analyst (Senior SOC Analyst)
Mexico, D.F., MX
Eviden, part of the Atos Group, with an annual revenue of circa € 5 billion is a global leader in data-driven, trusted and sustainable digital transformation. As a next generation digital business with worldwide leading positions in digital, cloud, data, advanced computing and security, it brings deep expertise for all industries in more than 47 countries. By uniting unique high-end technologies across the full digital continuum with 47,000 world-class talents, Eviden expands the possibilities of data and technology, now and for generations to come.
Job Description: Tier 2 SOC Analyst (Senior SOC Analyst) – Splunk SIEM Environment
Key Responsibilities:
Monitor and ensure timely detection and notification of all threats within the customer environment using Splunk SIEM.
Deliver customer-specific requirements, adhering to agreed service level agreements (SLAs).
Understand customer expectations and translate them into actionable service outcomes.
Manage the scope of work, including scheduled and ad-hoc deliverables, and track deviations effectively.
Collaborate with platform administrators to onboard new log sources, maintain the health of the Splunk infrastructure, and ensure seamless integration of devices.
Develop and maintain threat detection scenarios and procedures aligned with industry best practices and customer requirements.
Leverage strong analytical and technical skills to enhance computer network defense operations, including Splunk query creation and advanced threat detection techniques.
Handle incidents by performing detection, analysis, triage, and resolution.
Perform threat hunting using Splunk's capabilities, identifying anomalous patterns, and managing content such as custom dashboards, alerts, and reports.
Investigate security events, distinguishing actual incidents from false positives, and apply Splunk searches to enrich detection.
Maintain working knowledge of:
Operating systems (Windows/Linux).
Network technologies (firewalls, proxies, DNS, and NetFlow).
Active Directory and identity-based attacks.
Network protocols (TCP, UDP, ICMP, etc.) and routing principles.
Common internet applications and standards (SMTP, DNS, DHCP, SQL, HTTP/HTTPS).
Gap Analysis and Continuous Improvement:
Perform gap analysis to ensure all in-scope log sources are monitored effectively.
Identify missing use cases, hunting models, or detection scenarios, ensuring the highest level of threat detection.
Conduct domain-specific assessments to identify business-critical applications and technologies that require focused monitoring.
Customer Interaction and Coordination:
Act as the first point of contact (FPOC) for client issues, responding promptly to queries and taking ownership until resolution.
Facilitate log source onboarding or decommissioning and coordinate with internal teams to meet customer requirements.
Maintain transparency and demonstrate the value of SOC operations during periodic reviews such as MIS and QBR meetings.
Performance Reporting:
Ensure timely submission of operational reports and updates on new use cases, proactive threat detection initiatives, and Splunk feature enhancements.
Present SOC achievements and areas of improvement to stakeholders, highlighting the Managed Detection and Response (MDR) value.
Candidate Requirements:
Minimum 10 years of total experience, with at least 6 years in a Security Operations Center (SOC) environment.
At least 6 years of experience in customer-facing roles.
Strong understanding of SIEM concepts, with hands-on experience in Splunk (including data onboarding, dashboard creation, and custom alert configuration).
Solid technical and operational knowledge in cybersecurity, including network security, log analysis, and incident response.
Excellent verbal and written communication skills.
Qualifications:
Bachelor’s degree in engineering, preferably in IT or Computer Science (B.E./B.Tech).
One professional certification preferred (e.g., CCNA, CEH, Splunk Core Certified User/Power User).
Work Schedule: General Shifts.
This role is a great opportunity for professionals with a strong Splunk SIEM background, leadership capabilities, and a commitment to delivering top-notch security operations and threat detection services.
Let’s grow together.