Senior Security Analyst

SUMMARY

As a Senior Security Analyst, candidate will be responsible for managing and maintaining the security operations within a SOC environment. The ideal candidate will be responsible for identifying, assessing, and mitigating security threats using leading SIEM, EDR, and Vulnerability Management tools. Candidates will play a pivotal role in incident detection and response, threat hunting, and improving our security posture in alignment with NIST cybersecurity framework.

Duties and Responsibilities

• Monitor, analyze, and respond to security events and alerts using Microsoft Sentinel and Splunk.
• Lead incident response efforts for high-severity security events and coordinate with stakeholders for containment and remediation.
• Develop and maintain playbooks and runbooks for security operations.
• Operate and optimize CrowdStrike Falcon and Microsoft Defender for Endpoint for real-time threat detection and response.
• Perform root cause analysis and forensic investigations on endpoints and user behaviors.
• Conduct regular vulnerability assessments using Tenable and Qualys.
• Prioritize, track, and assist in remediation efforts across IT and application environments.
• Collaborate with IT, DevOps, and business units to mitigate identified vulnerabilities effectively.
• Align daily activities and security controls to the NIST Cybersecurity Framework (Identify, Protect, Detect, Respond, Recover).
• Contribute to risk assessments, audit support, and compliance readiness efforts.
• Stay up to date with the latest threat landscape and integrate relevant threat intelligence feeds into SIEM.
• Recommend and implement enhancements to detection rules, correlation logic, and alert tuning.

Skills and Experience

• 5+ years of experience in cybersecurity operations or incident response.
• Hands-on experience with SIEM tools like Microsoft Sentinel and Splunk.
• Strong knowledge of EDR tools such as CrowdStrike Falcon and Microsoft Defender for Endpoint.
• Proficiency in vulnerability management platforms like Tenable, Qualys.
• Solid understanding of security controls and processes aligned with NIST CSF.
• Familiarity with MITRE ATT&CK, Kill Chain, and threat hunting methodologies.
• Strong analytical, problem-solving, and documentation skills.
• Excellent communication and stakeholder management abilities. 

KEYWORDS (For Reference)
- SIEM: Microsoft Sentinel, Splunk
- EDR/XDR: CrowdStrike Falcon, Microsoft Defender for Endpoint
- Vulnerability Management: , Qualys, Vulnerability Scanning, CVSS
- Security Framework: NIST CSF, MITRE ATT&CK, Cybersecurity Framework

SKILLS AND EXPERIENCE

• Answer technical queries (both initial and follow up) via phone, the ticketing system, email, IM Chat
• Build knowledge base with technical documentation, manuals and IT policies
• Troubleshoot issues by utilizing resources like KB / Standard Operating Procedure, peer support, supervisor guidance and management consultancy
• Ensure CMDB and all IT digital assets are real-time updated
• Provided out-side hours support for critical, urgent and mission critical activities
• Contribute in building technical knowledgebase
• Provide methodological assistance to client / peers
• Follow timely delegation / escalation procedure
• Follow ITIL standard practices for incident, change and problem management
• Outstanding analytical and technical problem-solving skills
• Keep yourself updated with technology updates
• Adhere to compliance and governance standards and report any non-compliances to the manager
• Participate & contribute in IT team meetings
• Foster professional relationships with all colleagues by listening, understanding and responding to their needs
• Excellent Interpersonal and communication skills (verbal and written)
• Excellent organizational, time-management and prioritization skills
• Promote positive customer service attitude among peers
• Project Management