Cybersecurity | Entry Level
SOC Intern | [Hiring]
Location: Noida
Type: Full-time
Work Model: On-site
Salary: Competitive
About the Role
We're hiring a SOC Intern (path to full-time L1 Analyst; PPO for strong performers) to do real security operations: triage live alerts on Wazuh (TP/FP/BTP calls, not lab exercises), run response playbooks, and do detection engineering (write and tune Wazuh decoders and rules, onboard log sources such as Palo Alto/Fortinet/Ruckus over syslog, validate with wazuh-logtest, map to MITRE ATT&CK). You bring solid fundamentals (TCP/IP, syslog, auth logs, common attacks), comfort with the Linux CLI, and an eye for patterns in raw text. Nice-to-have (not required): any SIEM exposure, regex plus Python/Bash, CEH/Security+, a home lab or CTF experience. You get mentorship from CCIE/CISA-level engineers, real enterprise environments, and a clear ladder: Intern → L1 → L2/Detection Engineering.
Key Responsibilities
- Triage live Wazuh alerts: TP/FP/BTP calls on real traffic, not lab exercises
- Run response playbooks (brute force, phishing, malware) and write clean case notes
- Detection engineering: write/tune Wazuh decoders & rules, validate with wazuh-logtest
- Onboard log sources (Palo Alto, Fortinet, Ruckus) over syslog
- Map activity to MITRE ATT&CK; validate the AI triage layer's verdicts
Requirements
- Security & networking fundamentals (TCP/IP, syslog, auth logs, common attacks)
- Linux CLI comfort
- An eye for patterns in raw text (decoder work)
- Clear written English, reliability
Nice to Have
- Any SIEM exposure (Wazuh/Splunk/ELK)
- Regex + Python/Bash
- CEH / CompTIA Security+ (done or in progress)
- Home lab / CTF / security projects