Job Summary
We are seeking a strong Senior Security Analyst with hands-on expertise in incident response, security monitoring, SIEM analysis, and threat investigation. The role will play a key part in detecting suspicious activity, performing triage and investigation, supporting containment and recovery, improving detections, and collaborating with internal and cross-functional teams to strengthen security operations.
Key Responsibilities
Perform end-to-end investigation of security alerts and incidents including analysis, triage, validation, prioritization, evidence gathering, and escalation when required. · Support full incident response lifecycle activities including detection, triage, containment coordination, eradication support, recovery follow-up, and case closure documentation. · Monitor and investigate alerts from SIEM, EDR, email security, network security, and cloud environments to identify malicious or suspicious activities. · Work hands-on with tools such as CrowdStrike Falcon, Splunk ES, Cisco SSE, AWS, Azure / GCP, and other enterprise security telemetry sources. · Leverage SIEM platforms such as Splunk and Anvilogic for log analysis, correlation, detection validation, use case review, and investigation support. · Apply MITRE ATT&CK;, threat intelligence, and NIST response practices to improve investigation quality, threat classification, and response decisions. · Support root cause analysis and post-incident reporting by documenting findings, timelines, affected scope, and recommended corrective actions. · Contribute to threat hunting, playbook execution, SOP adherence, and documentation updates to improve consistency and operational efficiency. · Collaborate with global stakeholders, technical teams, and service owners during active investigations and ongoing remediation efforts. · Participate in readiness drills, simulation exercises, shift handovers, knowledge sharing, and continuous improvement activities across SOC operations.
Skill Requirements
REQUIRED TECHNICAL SKILLS · Strong experience in SOC monitoring, incident response, and enterprise security investigations. · Hands-on knowledge of SIEM tools such as Splunk ES, Sentinel, Elastic, Anvilogic, SAP ETD, or similar platforms. · Experience with endpoint security and cloud security tools, preferably CrowdStrike Falcon and services across AWS, Azure, and GCP. · Good understanding of Linux, Windows, network protocols, authentication, web traffic, firewalls, proxies, and common attacker behaviors. · Working knowledge of NIST framework, MITRE ATT&CK;, incident lifecycle processes, and security best practices. · Ability to analyze logs from endpoints, servers, applications, cloud platforms, and network devices for threat detection and investigation. · Knowledge of phishing, malware, anomalous login behavior, suspicious process execution, and common enterprise attack patterns. · Experience with ticketing / case management workflows and strong documentation discipline. PREFERRED SKILLS · Experience with threat hunting, threat intelligence, use case tuning, or security automation. · Exposure to packet analysis, memory / disk forensics, malware sandboxing, or cloud-native detection capabilities. · Ability to support KPI / SLA tracking and contribute to service quality reporting. · Good stakeholder communication and presentation skills for operational updates and incident summaries.
Other Requirements
: CANDIDATE PROFILE · 7+ years of relevant cybersecurity experience with strong hands-on SOC / Incident Response background. · Demonstrated ability to investigate and manage medium to high complexity incidents in enterprise environments. · Strong analytical mindset, attention to detail, and problem-solving ability under pressure. · Excellent communication, collaboration, and documentation skills. · Bachelor’s degree in Computer Science, Information Security, Information Technology, or equivalent practical experience.