Senior IT Security Analyst
* Experience: 8- 13 Years
* Location: Pune, India
A. Your Skills:
* Significant experience in SOC, CERT, or CSIRT environments, with expertise in SIEM
administration, threat hunting, detection engineering, and incident response.
* Strong expertise in configuring, optimizing, and maintaining Microsoft security products,
including Sentinel, Defender for Cloud, Endpoint, Identity, Office 365, Exchange, and Azure
Active Directory.
* Proficiency in log sources onboarding in SIEM, log management, developing consolidated
security dashboards and developing Playbook to support continuous monitoring.
* Proficiency in creating and simulating hypothetical threat scenarios to anticipate and combat
potential attack vectors.
* In-depth understanding and practical application of the MITRE ATT&CK framework for mapping
detection rules and identifying attacker tactics, techniques, and procedures (TTPs).
* Practical knowledge of security technologies, including firewalls, IDS/IPS, SIEM, endpoint
detection, anti-malware, and vulnerability assessment tools.
* Solid understanding of networks, cloud infrastructures, operating systems (Windows, Linux),
and evolving cyberattack methods.
* Experience in correlating threat intelligence feeds with detection engineering to identify and
mitigate advanced threats.
* Proven ability to analyze large volumes of security logs and data to craft precise, high-fidelity
detection rules while reducing false positives.
* Excellent communication and collaboration skills to effectively share findings and work with
cross-functional teams.
* Passionate about proactive cybersecurity measures, with a strong desire to stay updated on
emerging threats and technologies.
B. Behaviors:
* A high level of collaboration skills with other cross functional global teams.
* Confidence in expressing your ideas and input to the team.
* Open to learn and work on different/new technologies.
* Agile in nature.
* Self-motivated and proactive.
C. Role and Responsibilities:
* Incident Response and Collaboration:
Collaborate with SOC, CERT, or CSIRT teams for effective incident monitoring and
response.
Investigate and respond to cybersecurity incidents, including forensic analysis of
attack patterns.
* SIEM Administration:
Provide ongoing support for SIEM Architecture, ensuring efficient log ingestion,
parsing, and normalization to enhance threat visibility and detection capabilities. Designed and customized automated playbooks and interactive dashboards in SIEM to
meet specific security monitoring and incident response requirements.
* Threat Intelligence Analysis:
Gather, process, and analyze threat intelligence feeds to identify emerging threats.
Proactively communicate relevant threat scenarios and provide actionable insights.
* Threat Detection Development:
Develop and fine-tune advanced KQL queries and analytics rules in Microsoft Sentinel
to detect sophisticated attack vectors.
Build and test hypothetical threat scenarios to enhance threat detection capabilities.
Optimize detection systems to minimize false positives and maximize precision.
* Incident Response and Collaboration:
Collaborate with SOC, CERT, or CSIRT teams for effective incident monitoring and
response.
Investigate and respond to cybersecurity incidents, including forensic analysis of
attack patterns.
* Security Tool Management:
Configure, monitor, and maintain security tools such as SIEM (Microsoft Sentinel),
Defender for Cloud, antivirus solutions, and consolidated security dashboards.
* Continuous Improvement:
Participate in developing and implementing security concepts, hardening guidelines,
and monitoring systems.
Perform penetration tests, vulnerability assessments, and audits to ensure robust
security measures.
Contribute to the creation and refinement of SOC policies, processes, and procedures.
D. Desirable Certifications:
* Microsoft Certified: Security Operations Analyst Associate – SC 200
* CEH Must-Haves :
BE/B.Tech in CS/IT/ECE/EEE or MCA/M.Sc. in CS/IT
Hands-on expertise across a wide range of cybersecurity tools (L3 level)
Threat hunting, threat detection, threat intelligence
Practical application of MITRE ATT&CK framework for threat mapping
Vulnerability management ( Mandatory)
KQL for advanced security analytics and monitoring ( Mandatory)
Security & phishing incident handling, high-level incident response
Strong hands-on experience with CrowdStrike ( Mandatory)
SIEM log source onboarding
Fine-tuning detection rules, developing detection logic
*******
Notice Period: Immediate to 30 days ( Preferred) to 2 months.
Location: Preference to Pune candidates
Please also check for stability in candidates’ profiles. Those with frequent job changes should not be considered, so kindly refrain from sharing such CVs.
Min 3 years in company in 1 company to see the stability
No Poach Clients (Plus other Strict No-Nos) :
Diploma Holder
Network Administrative Experience
Avoid taking candidates from JNTU, JNTK, JNTUH, SKU, JNTUA
Try to avoid candidates from TCS
Target Companies :
Target Companies in Pune (Similar to Lenze Mechatronics)
Industrial Automation & Manufacturing
Siemens
ABB India
Schneider Electric
Rockwell Automation
Emerson
Honeywell Automation
Bosch Rexroth
Festo
Phoenix Contact
Mitsubishi Electric
Automotive & Auto Components
Mercedes-Benz Research & Development India
Volkswagen Group Technology Solutions
Continental Automotive
Robert Bosch
ZF India
Mahindra & Mahindra
Tata Motors
Bajaj Auto
Additional Guidelines :
Interview Process
L1-Interview (Technical Discussion)
L2-Interview (Technical Discussion)
F2F-LAB- Hands on Experience on built case scenario (if required)
F2F-Managerial and HR Round
Working Model : 3days WFO and 2 days WFH
Work Location: Hybrid remote in Pune, Maharashtra (Pune, Pune District)