Senior Security Analyst

SUMMARY

As a Senior Security Analyst, candidate will be responsible for managing and maintaining the security operations within a SOC environment. The ideal candidate will be responsible for identifying, assessing, and mitigating security threats using leading SIEM, EDR, and Vulnerability Management tools. Candidates will play a pivotal role in incident detection and response, threat hunting, and improving our security posture in alignment with NIST cybersecurity framework. 

Duties and Responsibilities

• Monitor, analyze, and respond to security events and alerts using Microsoft Sentinel and Splunk. 
• Lead incident response efforts for high-severity security events and coordinate with stakeholders for containment and remediation. 
• Develop and maintain playbooks and runbooks for security operations. 
• Operate and optimize CrowdStrike Falcon and Microsoft Defender for Endpoint for real-time threat detection and response. 
• Perform root cause analysis and forensic investigations on endpoints and user behaviors. 
• Conduct regular vulnerability assessments using Tenable and Qualys. 
• Prioritize, track, and assist in remediation efforts across IT and application environments. 
• Collaborate with IT, DevOps, and business units to mitigate identified vulnerabilities effectively. 
• Align daily activities and security controls to the NIST Cybersecurity Framework (Identify, Protect, Detect, Respond, Recover). 
• Contribute to risk assessments, audit support, and compliance readiness efforts. 
• Stay up to date with the latest threat landscape and integrate relevant threat intelligence feeds into SIEM.  
• Recommend and implement enhancements to detection rules, correlation logic, and alert tuning. 

Skills and Experience

• 5+ years of experience in cybersecurity operations or incident response. 
• Hands-on experience with SIEM tools like Microsoft Sentinel and Splunk. 
• Strong knowledge of EDR tools such as CrowdStrike Falcon and Microsoft Defender for Endpoint. 
• Proficiency in vulnerability management platforms like Tenable, Qualys. 
• Solid understanding of security controls and processes aligned with NIST CSF. 
• Familiarity with MITRE ATT&CK, Kill Chain, and threat hunting methodologies. 
• Strong analytical, problem-solving, and documentation skills. 
• Excellent communication and stakeholder management abilities. 

  KEYWORDS (For Reference)

• SIEM: Microsoft Sentinel, Splunk 
• EDR/XDR: CrowdStrike Falcon, Microsoft Defender for Endpoint 
• Vulnerability Management: Tenable.io, Qualys, Vulnerability Scanning, CVSS 
• Security Framework: NIST CSF, MITRE ATT&CK, Cybersecurity Framework 

SKILLS AND EXPERIENCE

• Answer technical queries (both initial and follow up) via phone, the ticketing system, email, IM Chat 
• Build knowledge base with technical documentation, manuals and IT policies 
• Troubleshoot issues by utilizing resources like KB / Standard Operating Procedure, peer support, supervisor guidance and management consultancy 
• Ensure CMDB and all IT digital assets are real-time updated 
• Provided out-side hours support for critical, urgent and mission critical activities 
• Contribute in building technical knowledgebase 
• Provide methodological assistance to client / peers 
• Follow timely delegation / escalation procedure 
• Follow ITIL standard practices for incident, change and problem management 
• Outstanding analytical and technical problem-solving skills 
• Keep yourself updated with technology updates 
• Adhere to compliance and governance standards and report any non-compliances to the manager 
• Participate & contribute in IT team meetings 
• Foster professional relationships with all colleagues by listening, understanding and responding to their needs 
• Excellent Interpersonal and communication skills (verbal and written) 
• Excellent organizational, time-management and prioritization skills 
• Promote positive customer service attitude among peers 
• Project Management