Cyber Security Analyst

Overview

Job Title: Cyber Security Analyst

Location: Bangalore

Experience Required: 5–7 Years

Employment Type: Full-Time

Job Summary

We are looking for a highly skilled and detail-oriented *Security Analyst* with strong experience in SOC/NOC operations, threat monitoring, and incident response. The ideal candidate should have hands-on expertise in SIEM, SOAR, EDR/XDR platforms, firewall analysis, and cloud security tools. The candidate will be responsible for monitoring security alerts, investigating incidents, mitigating threats, and ensuring adherence to SLAs while enhancing the organization’s overall security posture.

Key Roles & Responsibilities

*Security Monitoring & Incident Response*

• Monitor, analyze, and investigate security alerts triggered by SIEM and other security tools.
• Perform threat analysis on phishing URLs, malicious attachments, and suspicious files using sandboxing tools.
• Extract and analyze Indicators of Compromise (IOCs) for actionable threat intelligence.
• Conduct network traffic analysis to identify vulnerabilities and suspicious activities.
• Lead incident monitoring, triage, investigation, and resolution of security events.
• Classify and respond to email-based threats including phishing, spam, malware, and spoofing attacks.
• Investigate firewall denials, IPS/IDS alerts, web proxy logs, and threat intelligence feeds.
• Apply MITRE ATT&CK framework knowledge to analyze adversary tactics and techniques.
  
  

*Security Operations & Compliance*

• Ensure adherence to SLAs and maintain high-quality call handling and escalation processes.
• Conduct daily health checks and manage access control via Azure PIM or similar platforms.
• Provide insights for suppression rule creation to reduce false positives.
• Maintain documentation, prepare internal review reports, and support audit requirements.
• Deliver weekly and monthly performance reports and client presentations.
  
  

*Network & Infrastructure Support*

• Monitor and maintain firewall, IDS, IPS, MPLS, and other network security components.
• Perform vulnerability management activities and coordinate patch management.
• Manage backups for firewall systems and critical infrastructure.
• Ensure preventive maintenance, health checks, and operational continuity.
• Manage virtual machine environments and data center infrastructure.
  
  

*Collaboration & Stakeholder Management*

• Work closely with L2/L3 teams for advanced investigations.
• Coordinate with OEMs for issue resolution and performance optimization.
• Support cross-functional teams and represent security operations in client meetings.
• Facilitate daily operational calls to ensure service excellence
  
  

*Core Competencies*

• SIEM & SOAR Platforms
• Incident Response & Threat Hunting
• Email Security & Malware Analysis
• Network Security (Firewall, IDS, IPS)
• Cloud Security (Azure/Microsoft Defender)
• MITRE ATT&CK Framework
• Cyber Kill Chain
• Threat Intelligence & OSINT
• Log Analysis & Forensics
  
  

*Tools & Technologies*

• Microsoft Defender XDR (Endpoint, Identity, Cloud, Cloud Apps)
• Microsoft Sentinel / QRadar / McAfee SIEM
• FortiSOAR
• Cisco Threat Grid (Sandboxing)
• Cisco Umbrella
• Azure PIM
• Office 365 Security & Email Analysis
• SNOW / JIRA (Ticketing Tools)
• Firewall technologies (SonicWALL, Cisco, etc.)
  
  

• MTech / B.Tech in Computer Science, Cyber Security, or related field
• Relevant cybersecurity certifications preferred (CEH, CHFI, CCNA, AWS, NSE, etc.)
  
  

• Strong analytical and problem-solving skills
• Ability to work in 24/7 SOC environment (if required)
• Excellent reporting and presentation skills
• Experience in client handling and SLA-driven environments
• Strong communication and stakeholder management skills