Enrich
Cybersecurity | Entry Level

SOC Intern | [Hiring]

Location: Noida
Type: Full-time
Work Model: On-site
Salary: Competitive

About the Role

We're hiring a SOC Intern (path to full-time L1 Analyst, PPO for strong performers) to do real security ops: triage live alerts on Wazuh (TP/FP/BTP calls, not lab exercises), run response playbooks, and do detection engineering (write and tune Wazuh decoders and rules, onboard log sources like Palo Alto/Fortinet/Ruckus over syslog, validate with wazuh-logtest, and map to MITRE ATT&CK).

You bring solid fundamentals (TCP/IP, syslog, auth logs, common attacks), Linux CLI comfort, and an eye for patterns in text. Nice-to-have (not required): any SIEM exposure, regex + Python/Bash, CEH/Security+, a home lab or CTF.

You get mentorship from CCIE/CISA-level engineers, work in real enterprise environments, and a clear ladder: Intern → L1 → L2/Detection Eng.

Key Responsibilities

  • Triage live Wazuh alerts - TP/FP/BTP calls on real traffic, not lab exercises
  • Run response playbooks (brute force, phishing, malware) and write clean case notes
  • Detection engineering: write/tune Wazuh decoders & rules, validate with wazuh-logtest
  • Onboard log sources (Palo Alto, Fortinet, Ruckus) over syslog
  • Map activity to MITRE ATT&CK; validate the AI triage layer's verdicts

Requirements

  • Security & networking fundamentals (TCP/IP, syslog, auth logs, common attacks)
  • Linux CLI comfort
  • An eye for patterns in raw text (decoder work)
  • Clear written English, reliability

Nice to Have

  • Any SIEM exposure (Wazuh/Splunk/ELK)
  • Regex + Python/Bash
  • CEH / CompTIA Security+ (done or in progress)
  • Home lab / CTF / security projects

Ready to Apply?

Join our team and help shape the future of cybersecurity and data services.