Senior IT Security Analyst
Designation – Senior IT Security Analyst
Experience: 8- 13 Years
Location: Pune, India
A. Your Skills:
- Significant experience in SOC, CERT, or CSIRT environments, with expertise in SIEM
administration, threat hunting, detection engineering, and incident response.
- Strong expertise in configuring, optimizing, and maintaining Microsoft security products,
including Sentinel, Defender for Cloud, Endpoint, Identity, Office 365, Exchange, and Azure
Active Directory.
- Proficiency in log sources onboarding in SIEM, log management, developing consolidated
security dashboards and developing Playbook to support continuous monitoring.
- Proficiency in creating and simulating hypothetical threat scenarios to anticipate and combat
potential attack vectors.
- In-depth understanding and practical application of the MITRE ATT&CK framework for mapping
detection rules and identifying attacker tactics, techniques, and procedures (TTPs).
- Practical knowledge of security technologies, including firewalls, IDS/IPS, SIEM, endpoint
detection, anti-malware, and vulnerability assessment tools.
- Solid understanding of networks, cloud infrastructures, operating systems (Windows, Linux),
and evolving cyberattack methods.
- Experience in correlating threat intelligence feeds with detection engineering to identify and
mitigate advanced threats.
- Proven ability to analyze large volumes of security logs and data to craft precise, high-fidelity
detection rules while reducing false positives.
- Excellent communication and collaboration skills to effectively share findings and work with
cross-functional teams.
- Passionate about proactive cybersecurity measures, with a strong desire to stay updated on
emerging threats and technologies.
B. Behaviors:
- A high level of collaboration skills with other cross functional global teams.
- Confidence in expressing your ideas and input to the team.
- Open to learn and work on different/new technologies.
- Agile in nature.
- Self-motivated and proactive.
C. Role and Responsibilities:
Incident Response and Collaboration:
- Collaborate with SOC, CERT, or CSIRT teams for effective incident monitoring andresponse.
- Investigate and respond to cybersecurity incidents, including forensic analysis ofattack patterns.
SIEM Administration:
- Provide ongoing support for SIEM Architecture, ensuring efficient log ingestion,parsing, and normalization to enhance threat visibility and detection capabilities.
- Designed and customized automated playbooks and interactive dashboards in SIEM tomeet specific security monitoring and incident response requirements.
Threat Intelligence Analysis:
- Gather, process, and analyze threat intelligence feeds to identify emerging threats.
- Proactively communicate relevant threat scenarios and provide actionable insights.
Threat Detection Development:
- Develop and fine-tune advanced KQL queries and analytics rules in Microsoft Sentinelto detect sophisticated attack vectors.
- Build and test hypothetical threat scenarios to enhance threat detection capabilities.
- Optimize detection systems to minimize false positives and maximize precision.
Incident Response and Collaboration:
- Collaborate with SOC, CERT, or CSIRT teams for effective incident monitoring andresponse.
- Investigate and respond to cybersecurity incidents, including forensic analysis ofattack patterns.
Security Tool Management:
- Configure, monitor, and maintain security tools such as SIEM (Microsoft Sentinel),Defender for Cloud, antivirus solutions, and consolidated security dashboards.
Continuous Improvement:
- Participate in developing and implementing security concepts, hardening guidelines,and monitoring systems.
- Perform penetration tests, vulnerability assessments, and audits to ensure robustsecurity measures.
- Contribute to the creation and refinement of SOC policies, processes, and procedures.
D. Desirable Certifications:
- Microsoft Certified: Security Operations Analyst Associate – SC 200
- CEH
Must Have
Educational Qualification: Relevant BE/Btech degree in CS/IT/ECE/EEE or MCA/M.Sc. in CS/IT
The candidate must possess hands-on expertise across a wide range of cybersecurity tools and technologies.
Looking for L3 resource
Hands on Experience including threat hunting, threat detection, and threat intelligence.
In-depth understanding and practical application of the MITRE ATT&CK framework for mapping
Strong experience with CrowdStrike, vulnerability management, and handling security incidents, phishing incidents, and high-level incident response is required.
The role also demands proficiency in SIEM log source onboarding,
fine-tuning detection rules, developing detection logic, and using KQL for advanced security analytics and monitoring.
*******
Notice Period: Immediate to 30 days ( Preferred) to 2 months.
Work Location: In person