SOC Lead

ools and techniques to defend against a wide range of cyber threats, such as malware, ransomware, phishing attacks, and data breaches.

But that's not all - at Kyndryl, you will also have the opportunity to implement new cybersecurity systems and policies to ensure the protection of our customers' data and assets. You will monitor and review potential threats from various cybersecurity systems and conduct proof-of-concepts (POCs) with new cyber security software to evaluate its effectiveness and potential integration into the organization's systems.

Not only will you be responsible for ensuring the security of Kyndryl's customers' network and systems, but you will also enrich the organization's knowledge towards potential cyber threats and best practices. You will provide automation scripts for threat hunting in customer environments using lessons learned from Cyber-attacks.

You will also have the opportunity to conduct penetration testing and threat and vulnerability assessments of applications, operating systems, and networks, responding to cybersecurity breaches and identifying intrusions. You will research and evaluate cybersecurity threats and perform root cause analysis, all while assisting in the creation and implementation of security solutions.

Additionally, you will have the opportunity to work in the area of security innovation, creating and experimenting with "outside the box" ideas that could change the trajectory of cyber security.

This is a unique opportunity to work with cutting-edge technology, be part of a dynamic team, and make a significant impact in the world of cybersecurity. If you're up for the challenge, apply now to join Kyndryl's cybersecurity team!

Your Future at Kyndryl
Every position at Kyndryl offers a way forward to grow your career. We have opportunities that you won't find anywhere else, including hands-on experience, learning opportunities, and the chance to certify in all four major platforms. Whether you want to broaden your knowledge base or narrow your scope and specialize in a specific sector, you can find your opportunity here.

Who You Are

You're good at what you do and possess the required experience to prove it. However, equally as important - you have a growth mindset; keen to drive your own personal and professional development. You are customer-focused - someone who prioritizes customer success in their work. And finally, you're open and borderless - naturally inclusive in how you work with others.

Required Skills and Experience:

Required Skills and Experience:

• Need 7+ years experience.
  The SOC L2 Analyst cum Shift Incident Manager plays a dual role: as a senior technical expert, handling complex security incidents and as the shift lead responsible for managing SOC operations during their assigned shift. This role is critical in ensuring 24x7 incident response, operational continuity, and escalation governance.

• Investigate and resolve escalated security incidents from L1 and L2 analysts.

• Perform deep-dive forensic analysis, triage, and root cause analysis (RCA) for critical and high-severity incidents

• Monitor the health and performance of SIEM infrastructure and security sensors.

• Tune and manage SIEM rules, correlation logic, and detection use cases.

• Coordinate with OEM vendors for platform issues or advanced threat resolution

• Act as the Incident Manager for the shift, overseeing all incident response activities and ensuring SLA adherence

• Lead shift handover meetings and maintain continuity across shifts.

• Assign tasks to L1/L2 analysts and ensure proper documentation in ITSM tools (e.g., ServiceNow)

• Escalate unresolved or critical issues to the SOC Manager or CDC Head as needed

• Maintain shift logs, incident metrics, and RCA documentation.

• Participate in governance forums and lessons learned reviews

• Provide feedback on detection quality, false positives, and tuning opportunities.

• Guide L1 and L2 analysts during investigations and response activities.

• Conduct training sessions and contribute to skill development plans

• Review and refine incident response procedures and playbooks.

• Collaborate with SIEM Engineers, SOAR Developers, and Content Writers to enhance detection and automation workflows

• Coordinate with DLP, EDR, and Email Security SMEs for multi-vector incident resolution.

Being You

Diversity is a whole lot more than what we look like or where we come from, it's how we think and who we are. We welcome people of all cultures, backgrounds, and experiences. But we're not doing it single-handily: Our Kyndryl Inclusion Networks are only one of many ways we create a workplace where all Kyndryls can find and provide support and advice. This dedication to welcoming everyone into our company means that Kyndryl gives you - and everyone next to you - the ability to bring your whole self to work, individually and collectively, and support the activation of our equitable culture. That's the Kyndryl Way.

What You Can Expect

With state-of-the-art resources and Fortune 100 clients, every day is an opportunity to innovate, build new capabilities, new relationships, new processes, and new value. Kyndryl cares about your well-being and prides itself on offering benefits that give you choice, reflect the diversity of our employees and support you and your family through the moments that matter - wherever you are in your life journey. Our employee learning programs give you access to the best learning in the industry to receive certifications, including Microsoft, Google, Amazon, Skillsoft, and many more. Through our company-wide volunteering and giving platform, you can donate, start fundraisers, volunteer, and search over 2 million non-profit organizations. At Kyndryl, we invest heavily in you, we want you to succeed so that together, we will all succeed.

Get Referred!

If you know someone that works at Kyndryl, when asked 'How Did You Hear About Us' during the application process, select 'Employee Referral' and enter your contact's Kyndryl email address.