Lead Security Operations Center (SOC) Analyst - SIEM & SOAR Specialist

Lead - SOC Analyst (SIEM & SOAR)

Company Description

Organizations everywhere struggle under the crushing costs and complexities of “solutions” that promise to simplify their lives. To create a better experience for their customers and employees. To help them grow. Software is a choice that can make or break a business. Create better or worse experiences. Propel or throttle growth. Business software has become a blocker instead of ways to get work done.

There’s another option. Freshworks. With a fresh vision for how the world works.

At Freshworks, we build uncomplicated service software that delivers exceptional customer and employee experiences. Our enterprise-grade solutions are powerful, yet easy to use, and quick to deliver results. Our people-first approach to AI eliminates friction, making employees more effective and organizations more productive. Over 72,000 companies, including Bridgestone, New Balance, Nucor, S&P Global, and Sony Music, trust Freshworks’ customer experience (CX) and employee experience (EX) software to fuel customer loyalty and service efficiency. And, over 4,500 Freshworks employees make this possible, all around the world.

Fresh vision. Real impact. Come build it with us.

Job Description

Job Summary

We are seeking a Lead SOC Engineer with strong expertise in SIEM administration, SOAR automation, and security monitoring across both enterprise and cloud environments. The role will focus on enhancing SOC capabilities, improving threat detection, automating response processes, and ensuring visibility across on-premises and cloud infrastructure.

Key Responsibilities

• Administer, maintain, and optimize SIEM platforms (Splunk, Sentinel, QRadar, etc.).

• Design and implement SOAR playbooks to automate security operations and incident response.

• Onboard and manage log sources from enterprise infrastructure, applications, and cloud environments.

• Develop and tune detection rules, correlation searches, dashboards, and alerts.

• Support incident investigations, threat hunting, and response activities.

• Integrate SIEM/SOAR with EDR, IAM, cloud security, email security, and threat intelligence platforms.

• Collaborate with infrastructure, cloud, and security teams to improve monitoring coverage and security posture.

• Mentor SOC analysts and drive continuous improvement initiatives.

Qualifications

• 6–10 years of cybersecurity experience with SOC Engineering/Security Operations focus.

• Minimum 3+ years of hands-on SIEM administration experience.

• Minimum 2+ years of SOAR implementation and automation experience.

• Strong experience managing security monitoring for both:

  • Enterprise environments (Windows, Linux, Active Directory, Network Security, Endpoint Security)

  • Cloud environments (Azure, AWS, and/or GCP)

• Experience in onboarding and correlating logs from cloud-native security services and enterprise security tools.

• Strong understanding of incident response, threat hunting, and detection engineering.

• Experience with Python, PowerShell, APIs, and automation scripting.

• Good knowledge of MITRE ATT&CK framework and modern threat detection methodologies.

Preferred Certifications

• Microsoft SC-200 / SC-100

• Splunk Certified Admin/Architect

• GCIH, GCED

• AWS or Azure Security certifications

Additional Information

At Freshworks, we have fostered an environment that enables everyone to find their true potential, purpose, and passion, welcoming colleagues of all backgrounds, genders, sexual orientations, religions, and ethnicities. We are committed to providing equal opportunity and believe that diversity in the workplace creates a more vibrant, richer environment that boosts the goals of our employees, communities, and business. Fresh vision. Real impact. Come build it with us.

Experience Level

Senior Level