Job Description

The Cyber Security Analyst will be responsible for monitoring, detecting, analyzing, and responding to cybersecurity threats across the organization’s IT and digital infrastructure. The role requires hands‑on experience in Security Operations Center (SOC) functions, threat hunting, log analysis, and vulnerability management, with a strong focus on incident detection, root‑cause analysis, and risk mitigation.
The analyst will work closely with IT, infrastructure, application, and risk teams to strengthen the organization’s security posture, develop security strategy, and ensure compliance with regulatory and internal security standards.
The person will report to the IT Security Head.
Key Responsibilities
- Responsible for managing day-to-day operations related to end-user security (XDR, DNS, proxy, threat management, etc.)
- Perform security risk assessments that support business requirements, and recommend mitigations and countermeasures to address risks, vulnerabilities, and threats
- Responsible for working alongside and leading a 24x7 team of security analysts, ensuring compliance with Service Level Agreements (SLAs), process adherence, and process improvement to achieve operational objectives. Manage KPIs for incident management.
- Participate in and manage various audits (internal/compliance/regulatory, etc.) involving IT SOC operations and ensure compliance in all aspects.
- Conduct proactive threat hunting to identify stealthy threats, APT techniques, and anomalous behavior
- Analyze Indicators of Compromise (IOCs) and Indicators of Attack (IOAs)
- Use threat intelligence feeds, the MITRE ATT&CK framework, and behavioral analysis to improve detection
- Recommend improvements to use cases, correlation rules, and alert tuning.
- Perform real‑time analysis of logs and security events to identify suspicious or malicious activities for escalated cases.
- Document information related to IT security attacks, threats, risks and controls.
- Establish a standard methodology for performing security tests in accordance with security requirements.
- Establish review procedures based on organization’s security risk management plan.
- Evaluate effectiveness of current incident response plan against industry good practices.
- Evaluate response plans periodically to ensure relevance.
- Identify threats and risks that are relevant to the organisation's operations and systems.
- Obtain CISO and CIO endorsement of security policies, standards, and procedures by articulating costs and benefits.
- Perform comparative analysis of security service performance level parameters against security information sources.
- Conduct internal audits to ensure logging is enabled across the IT enterprise as per regulatory guidelines, and support troubleshooting and forensic analysis using centralized log platforms (SIEM).
- Identify gaps in identity security and work closely with IDM team for mitigation.
- Work closely with ERM and the internal assurance team to close identified vulnerabilities across on-premises and cloud environments.
- Support incident response activities, including root‑cause analysis and containment
- Assist in basic digital forensics such as log correlation, timeline building, and user activity analysis.
- Participate in table‑top exercises, red team / blue team drills, and ongoing IR improvements.
- Conduct and support vulnerability assessments across infrastructure, applications, and networks.
- Analyze vulnerability scan results (CVEs, CVSS scoring) and determine risk severity and business impact.
- Coordinate with IT and application teams for patching, remediation, and mitigation
- Track vulnerability remediation status and provide regular risk dashboards and reports
- Support compliance with internal security policies and regulatory requirements (e.g., IRDAI, ISO 27001, SOC, etc.)
- Assist during internal/external audits by providing evidence, reports, and control validation
- Stay up to date on information technology trends and security standards
- Document SOPs, runbooks, and process improvements