SOC Analyst – Cloud Security Operations

Open

Summary

The candidate will be responsible for cloud-focused monitoring, investigation, and escalation support across the organization’s hosted environment. The analyst will review suspicious cloud behavior, privilege misuse, configuration-related exposure, abnormal API activity, and cloud-originated attack paths, while correlating findings with endpoint, email, identity, and application telemetry.

The role supports the current traditional SOC baseline while helping the SOC mature into a crypto-/fintech-aware function by identifying cloud incidents that may affect sensitive operations, high-risk internal services, or customer-facing business systems.

Key Responsibilities

  • To conduct investigations of suspicious activity spanning across AWS and other cloud services
  • Analyze CloudTrail logs for anomalous cloud access, privilege misuse, access key issues, unusual API calls, and suspicious console behavior
  • Connect cloud events to CrowdStrike, Netskope, Cloudflare, Sentry & Vercel context
  • Investigate Netskope surfaced risky SaaS and cloud-app activity
  • Investigate usage of unauthorized applications, and risky movement of files — abnormal user activity or a policy breach that increases the cloud attack surface
  • Analyze cloud alerts with their operational or business impact
  • Restrict, escalate incidents affecting critical services, administrative workflows, or sensitive data paths
  • Assist in coordinating remediation with DevSecOps, IAM, and IT teams
  • Suggest improvements in visibility, detection, and cloud monitoring coverage
  • 24×7 operations

Mandatory Expertise

  • Cloud Security Operations

Good to Have

  • CrowdStrike and/or NetSkope

Optional

  • Microsoft AD

Preferred Additional Skills

  • AWS security investigations
  • Cloud log analysis
  • Cloud access anomaly review
  • Cloud attack-path awareness
  • SaaS/cloud usage monitoring
  • Basic application telemetry correlation using Sentry
  • Operational awareness of hosted web/application platforms such as Vercel

Preferred Certifications

  • AWS Security Specialty
  • Security+
  • CySA+
  • SC-200

Success Measures

  • Quality of cloud incident validation
  • Accuracy of severity and impact assessment
  • Timeliness of escalation for cloud misuse or suspicious access
  • Quality of coordination with DevSecOps / IAM / IT
  • Detection improvement recommendations for cloud-related threats

Note: Interested candidates may send their resume to [email protected]. Only shortlisted applicants will be contacted.

JOB SUMMARY

location
Location Noida, India/Dubai, UAE
job type
Job Type Full-time
date
Date Posted June 19, 2026
experience
Experience 5-7 Years
working hours
Working Hours 9:00 AM - 6:00 PM
top