SOC Developer - Bangalore
Experience: 6+ years
Education: In IT field

This job description is for an L3 Cyber Defence/SOC Developer role, specifically focused on Cyber Automation & Generative AI. The position aims to enhance security operations by automating SOC workflows and applying AI to threat detection, response, and mitigation. Here's a breakdown of the key elements:

Key Responsibilities:

Automation Development:
- Develop automation solutions to streamline SOC operations using languages such as Python, PowerShell, and Bash.
- Create AI-driven playbooks to optimize threat detection and incident response processes.

Integration & Optimization:
- Work with SOAR (Security Orchestration, Automation, and Response) platforms (e.g., Palo Alto XSOAR, Splunk SOAR, Microsoft Sentinel) to improve operational efficiency.
- Maintain detection rules and response actions across SIEM, EDR, and SOAR platforms.

Generative AI & Advanced Analytics:
- Use Generative AI models and platforms (e.g., OpenAI, Hugging Face) to develop innovative analytics solutions for security.
- Implement AI-based anomaly detection techniques to strengthen cybersecurity defenses.

Collaboration & Continuous Improvement:
- Collaborate with SOC analysts and security engineers to identify automation opportunities and troubleshoot issues.
- Document workflows and AI implementations for knowledge sharing and training.

Security & Compliance:
- Ensure all solutions align with industry best practices and security frameworks (MITRE ATT&CK, NIST, CIS Controls).
- Regularly update automation processes to keep them compliant with evolving security standards.

Required Skills & Qualifications:
- Experience: 5+ years in cybersecurity, SOC operations, or cyber defense development.
- Programming & Scripting: Proficiency in Python, PowerShell, Bash, or similar languages.
- Platform Expertise: Experience with SOAR platforms and familiarity with SIEM tools.
- AI & Machine Learning: Experience with Generative AI for cybersecurity and an understanding of machine learning models for security use cases.
- Technical Skills: Knowledge of APIs, data parsing (JSON, XML), and automation frameworks.
- Communication: Strong communication skills for working in a collaborative SOC environment.

Preferred Qualifications:
- Cloud Security Automation: Experience with AWS, Azure, or GCP, and Infrastructure as Code (IaC).
- Certifications: CEH, SANS GCTI, GCIH, CISSP, or similar SOC/automation-related certifications.
- DevSecOps: Familiarity with DevSecOps practices and CI/CD automation.
- Threat Intelligence: Hands-on experience with threat intelligence platforms and threat-hunting automation.
Job Title: Security Operations Center Analyst