This job has closed.

It was last confirmed on May 7, 2026.

Security Analyst II

Gruve
Full Time, mid
Pune, Maharashtra, India. Posted 2 days ago

Job Description

<div class="content-intro"><p><strong>About Gruve</strong></p> <p>Gruve is an innovative software services startup dedicated to transforming enterprises to AI powerhouses. We specialize in cybersecurity, customer experience, cloud infrastructure, and advanced technologies such as Large Language Models (LLMs). Our mission is to assist our customers in their business strategies utilizing their data to make more intelligent decisions. As a well-funded early-stage startup, Gruve offers a dynamic environment with strong customer and partner networks.</p></div><p><span style="font-size: 10pt;"><strong>About the Role</strong></span></p> <p><span style="font-size: 10pt;">We are seeking a highly skilled Security Analyst (Level 2) to join our MSSP SOC team. The ideal candidate will have expertise in SIEM (Splunk, QRadar), XDR/EDR solutions, and security analysis with hands-on experience in investigating and responding to security alerts. This role requires proficiency in reviewing and analyzing Level 1 alerts, providing detailed recommendations, and engaging with customers for incident handling. 
The candidate should also have basic SIEM administration knowledge and Python scripting skills for troubleshooting and playbook development.</span></p> <p><span style="font-size: 10pt;"><strong>Key Responsibilities</strong></span></p> <ul> <li style="font-size: 10pt;"><span style="font-size: 10pt;">Threat Detection &amp; Response: Analyze and investigate security alerts, events, and incidents generated by SIEM, XDR, and EDR solutions.</span></li> <li style="font-size: 10pt;"><span style="font-size: 10pt;">Incident Investigation &amp; Handling: Conduct in-depth security incident investigations, assess impact, and take appropriate actions.&nbsp;</span></li> <li style="font-size: 10pt;"><span style="font-size: 10pt;">Incident Escalation &amp; Communication: Escalate critical incidents to Level 3 analysts or senior security teams while maintaining detailed documentation.</span></li> <li style="font-size: 10pt;"><span style="font-size: 10pt;">Content Management: Develop and fine-tune correlation rules, use cases, and alerts in SIEM/XDR platforms to improve detection accuracy.</span></li> <li style="font-size: 10pt;"><span style="font-size: 10pt;">Malware Analysis: Perform basic malware analysis and forensic investigation to assess threats.</span></li> <li style="font-size: 10pt;"><span style="font-size: 10pt;">Customer Request Handling: Collaborate with customers to address security concerns, provide recommendations, and respond to inquiries.</span></li> <li style="font-size: 10pt;"><span style="font-size: 10pt;">SIEM Administration: Assist in the administration and maintenance of SIEM tools like Splunk or QRadar, ensuring smooth operations.</span></li> <li style="font-size: 10pt;"><span style="font-size: 10pt;">Automation &amp; Playbooks: Utilize Python scripting for automation, troubleshooting, and playbook development to enhance SOC efficiency.</span></li> <li style="font-size: 10pt;"><span style="font-size: 10pt;">Reporting &amp; Documentation: Prepare detailed 
reports on security incidents, trends, and mitigation strategies.&nbsp;</span></li> </ul> <p><span style="font-size: 10pt;"><strong>Basic Qualifications</strong></span></p> <ul> <li style="font-size: 10pt;"><span style="font-size: 10pt;">B.E/B.Tech degree in Computer Science, Information Technology, Master's in Cybersecurity</span></li> <li style="font-size: 10pt;"><span style="font-size: 10pt;">3+ years of experience in a SOC or cybersecurity operations role.</span></li> <li style="font-size: 10pt;"><span style="font-size: 10pt;">Strong knowledge of SIEM tools (Splunk, QRadar) and XDR/EDR solutions.</span></li> <li style="font-size: 10pt;"><span style="font-size: 10pt;">Hands-on experience in threat detection, security monitoring, and incident response.</span></li> <li style="font-size: 10pt;"><span style="font-size: 10pt;">Knowledge of network security, intrusion detection, malware analysis, and forensics.</span></li> <li style="font-size: 10pt;"><span style="font-size: 10pt;">Basic experience in SIEM administration (log ingestion, rule creation, dashboard management).</span></li> <li style="font-size: 10pt;"><span style="font-size: 10pt;">Proficiency in Python scripting for automation and playbook development.</span></li> <li style="font-size: 10pt;"><span style="font-size: 10pt;">Good understanding of MITRE ATT&amp;CK framework, security frameworks (NIST, ISO 27001), and threat intelligence.</span></li> <li style="font-size: 10pt;"><span style="font-size: 10pt;">Strong analytical, problem-solving, and communication skills.</span></li> <li style="font-size: 10pt;"><span style="font-size: 10pt;">Ability to work in a 24x7 SOC environment (if applicable)</span></li> </ul> <p><span style="font-size: 10pt;"><strong>Preferred Qualifications</strong></span></p> <ul> <li style="font-size: 10pt;"><span style="font-size: 10pt;">Certified SOC Analyst (CSA)</span></li> <li style="font-size: 10pt;"><span style="font-size: 10pt;">Certified Incident Handler (GCIH,
ECIH)</span></li> <li style="font-size: 10pt;"><span style="font-size: 10pt;">Splunk Certified Admin / QRadar Certified Analyst</span></li> <li style="font-size: 10pt;"><span style="font-size: 10pt;">CompTIA Security+ / CEH / CISSP (preferred but not mandatory)</span></li> </ul><div class="content-conclusion"><p><strong>Why Gruve</strong></p> <p>At Gruve, we foster a culture of innovation, collaboration, and continuous learning. We are committed to building a diverse and inclusive workplace where everyone can thrive and contribute their best work. If you’re passionate about technology and eager to make an impact, we’d love to hear from you.</p> <p>Gruve is an equal opportunity employer. We welcome applicants from all backgrounds and thank all who apply; however, only those selected for an interview will be contacted.</p></div>