SOC Analyst (24*7 Environment)

Keyloop

IT
Hyderabad, Telangana, India
Posted on Feb 28, 2026
Keyloop bridges the gap between dealers, manufacturers, technology suppliers and car buyers.
We empower car dealers and manufacturers to fully embrace digital transformation. How? By creating innovative technology that makes selling cars better for our customers, and buying and owning cars better for theirs.
We use cutting-edge technology to link our clients’ systems, departments and sites. We provide an open technology platform that’s shaping the industry for the future. We use data to help clients become more efficient, increase profitability and give more customers an amazing experience. Want to be part of it?
Role Summary
The L2 SOC Analyst plays a critical role in Keyloop’s 24/7 Security Operations Center, responsible for in-depth investigation, analysis, and response to security alerts and incidents. This role acts as the primary escalation point from L1 analysts (internal or MSP) and is accountable for validating incidents, performing root cause analysis, and driving effective containment and remediation actions.
The L2 SOC Analyst is expected to demonstrate strong technical capability across multiple security technologies, contribute to continuous improvement of SOC processes and detections, and support compliance and assurance requirements. The role requires a proactive mindset, strong analytical skills, and the ability to communicate effectively with technical and non-technical stakeholders.

Key responsibilities

  • Incident Investigation & Response
      • Investigate and validate escalated security alerts and incidents from L1 SOC analysts.
      • Perform detailed analysis to determine scope, impact, root cause, and attacker activity.
      • Lead containment, eradication, and recovery actions in collaboration with IT, engineering, and other security teams.
      • Ensure incidents are handled in accordance with defined incident response policies, runbooks, and SLAs.
      • Document incidents thoroughly, including timelines, findings, actions taken, and recommendations.
  • Security Monitoring & Detection
      • Actively monitor SIEM dashboards, queues, and alerts as required.
      • Validate detection logic and identify false positives, gaps, and improvement opportunities.
      • Propose and assist with the development of new SIEM use cases, correlation rules, and alert tuning.
      • Support continuous improvement of detection coverage across cloud, on‑premise, and SaaS environments.
  • SOAR & Automation Support
      • Execute and validate SOAR playbooks during incident response.
      • Identify opportunities for automation to improve response time, consistency, and quality.
      • Support the SOC Manager in testing, maintaining, and improving automated workflows.
  • Security Technology Operations
      • Investigate alerts and events from a broad range of security technologies, including:
          • Web content filtering solutions
          • Email security gateways
          • Endpoint Detection & Response (EDR)
          • Managed Detection & Response (MDR)
          • Extended Detection & Response (XDR)
      • Correlate events across tools to build a complete incident narrative.
  • Threat Intelligence
      • Consume and analyze threat intelligence relevant to Keyloop’s environment and industry.
      • Apply threat intelligence to investigations, detections, and response actions.
      • Support proactive threat hunting activities based on emerging threats and attacker techniques.
  • Escalation & Collaboration
      • Act as the escalation point for complex or high-severity incidents.
      • Collaborate closely with the SOC Manager, L1 analysts, IT operations, engineering, and third-party providers.
      • Escalate incidents appropriately based on severity, impact, and business risk.
  • Compliance & Assurance Support
      • Support SOC-related controls for NIST, ISO/IEC 27001, and SOC 2.
      • Ensure investigations, evidence collection, and logging meet audit and regulatory requirements.
      • Assist with audit requests by providing incident records, metrics, and operational evidence.
  • Continuous Improvement & Knowledge Sharing
      • Contribute to the creation and maintenance of incident response runbooks and playbooks.
      • Participate in post-incident reviews and lessons-learned activities.
      • Share knowledge and mentor L1 analysts where appropriate.
      • Stay current with evolving threats, attack techniques, and defensive strategies.

Experience and skillsets required:

  • 3–6 years of experience in a SOC, security operations, or incident response role.
  • Proven hands-on experience investigating and responding to security incidents.
  • Practical experience working with SIEM platforms and security alerting systems.
  • Exposure to SOAR tools and automated response workflows.
  • Experience with endpoint, email, network, and cloud security technologies.
  • Familiarity with threat intelligence sources and attacker methodologies.
  • Skills & Competencies
      • Technical Skills
          • Incident analysis and response
          • Log analysis and event correlation
          • Endpoint, email, and network security investigation
          • Understanding of attacker tactics, techniques, and procedures (e.g., MITRE ATT&CK)
      • Soft Skills
          • Strong analytical and problem-solving ability
          • Clear and concise written and verbal communication
          • Ability to work under pressure and manage multiple incidents
          • Collaborative mindset and willingness to support team objectives
          • Attention to detail and disciplined documentation
Why join us?
We’re on a journey to become market leaders in our space – and with that comes some incredible opportunities. Collaborate and learn from industry experts from all over the globe. Work with game-changing products and services. Get the training and support you need to try new things, adapt to quick changes and explore different paths. Join Keyloop and progress your career, your way.
An inclusive environment to thrive
We’re committed to fostering an inclusive work environment. One that respects all dimensions of diversity. We promote an inclusive culture within our business, and we celebrate different employees and lifestyles – not just on key days, but every day.
Be rewarded for your efforts
We believe people should be paid based on their performance so our pay and benefits reflect this and are designed to attract the very best talent. We encourage everyone in our organisation to explore opportunities which enable them to grow their career through investment in their development but equally by working in a culture which fosters support and unbridled collaboration.
Keyloop doesn’t require academic qualifications for this position. We select based on experience and potential, not credentials.
We are also an equal opportunity employer committed to building a diverse and inclusive workforce. We value diversity and encourage candidates of all backgrounds to apply.