
Security Analyst – Cyber Defense Analyst
Posted 6 days ago

This is a fully remote position, open to applicants in India.
• Oversee, assess, and interpret security alerts, telemetry, and log data across enterprise security platforms, which include SIEM and other detection technologies.
• Conduct thorough analysis of exploits, attacker behavior, and abnormal activities across endpoint, identity, network, cloud, and application data sources.
• Examine and correlate security events within the SIEM to detect threats, validate findings, and facilitate prompt incident declaration and escalation decisions.
• Record investigative results, response actions, and evidence throughout the incident lifecycle, ensuring timely status updates are provided to leadership and stakeholders.
• Engage in proactive threat hunting and research to pinpoint emerging risks, adversary techniques, and deficiencies in existing detection coverage.
• Contribute to detection engineering and response automation initiatives that enhance Cyber Defense monitoring and containment capabilities.
• Help operate and maintain the core defensive technologies used by the Cyber Defense team, keeping them effective, reliable, and providing the visibility the team depends on.
• Support the development and refinement of incident response processes, playbooks, workflows, and operational procedures to elevate overall Cyber Defense effectiveness.
• Clearly communicate intrusion activity, incident details, threat trends, and proposed actions to internal stakeholders and leadership.
• Collaborate with infrastructure teams and system owners to analyze vulnerability findings, assist in prioritizing remediation, and track the resolution of high-risk issues.

• A minimum of 5 years of experience in information security, preferably with direct involvement in incident response, cyber defense, or security operations within a corporate or enterprise setting.
• Practical experience with SIEM platforms, including the creation and utilization of searches, dashboards, alerts, and investigations; experience with CrowdStrike NG-SIEM is strongly preferred.
• Familiarity with Microsoft 365 security technologies, particularly Microsoft Defender XDR for email, identity, and collaboration platforms.
• Basic understanding of networking concepts and cloud environments, including AWS and Azure.
• Foundational knowledge of Windows and macOS.
• Excellent written and verbal communication skills, including the ability to document incidents clearly and convey technical findings to non-technical stakeholders in a global context.
• Familiarity with frameworks such as MITRE ATT&CK, NIST CSF, CIS Controls, or similar security standards is preferred.
• Basic knowledge of scripting or query languages, such as PowerShell or Python, to assist with automation and analysis is preferred.
• Experience supporting vulnerability management processes using tools like Tenable and Wiz, covering triage, validation, prioritization, and remediation tracking, is preferred.
• A Bachelor's Degree in Cybersecurity, Information Security, Computer Science, Information Technology, or a related field.

• Comprehensive health insurance coverage for employees, with options to extend coverage to dependents.
• Paid time off and company holidays, along with additional leave benefits as per policy.
• Flexible work arrangements that promote work-life balance.
• Opportunities for learning and development to foster continuous growth and skill enhancement.
• Employee wellness initiatives and programs aimed at promoting physical and mental well-being.
• Retirement and statutory benefits in compliance with Indian regulations.
• An inclusive, people-first culture that emphasizes collaboration and ownership.
Stefanini Brasil