Senior Security Analyst – Falcon NG SIEM Experience

This is a fully remote position, open to applicants in India.

📋 Description

• Lead and implement security incident response, utilizing your extensive expertise to manage and mitigate threats across Ivanti’s global operations.

• Identify both known and unknown threats through advanced incident response techniques, threat hunting, threat intelligence, and a solid understanding of attacker TTPs.

• Perform comprehensive investigations into external attacks, insider threats, and digital forensics, ensuring stakeholders remain updated with detailed reporting.

• Analyze security logs from various sources (SIEM, EDR, DLP, email threat detection, and cloud services like Azure, AWS, and GCP), proactively identifying and neutralizing potential threats before they can cause harm.

• Create detection content, develop automation to enhance and expedite security response efficiency, and improve our overall detection and response capabilities.

• Offer actionable risk mitigation strategies, recommendations, and thorough documentation to strengthen Ivanti’s security posture.

• Collaborate closely with Senior Threat Analysts, the Incident Response Manager, and the Security Architecture team to coordinate, escalate, and resolve information security incidents.

• Contribute to knowledge sharing and mentorship within the team to foster collective expertise in contemporary cyber defense.

⛳️ Requirements

• Bachelor’s degree in Information Systems, MIS, Computer Science, Cybersecurity, or a related technical discipline.

• Over 7 years of experience in cybersecurity incident response, threat hunting, SOC operations, and/or digital forensics within enterprise-scale environments.

• Proficiency in Mimecast and Falcon NG-SIEM is essential.

• Mastery of security tools and platforms such as SIEM, EDR, DLP, email security gateways, cloud security (Azure, AWS, GCP), forensic toolsets, and network security solutions.

• Expertise in Windows, Linux, and/or Mac operating systems—at both the filesystem and artifact level.

• Strong knowledge of the MITRE ATT&CK framework and practical experience in mapping real-world attacks to attacker techniques.

• Comprehensive understanding of anomalous activity, lateral movement, living-off-the-land techniques, and common attacker tradecraft.

• Excellent organizational skills, time management abilities, and the capacity to excel in dynamic, fast-paced environments.

• Outstanding communication skills—capable of producing clear reports and guidance for both technical and non-technical stakeholders.

• Proven ability to collaborate with internal and external teams to efficiently research and implement countermeasures against novel and persistent threats.

• Bonus points for industry-recognized certifications such as SANS (GCIH, GCFA, GNFA), CompTIA (CySA+, Security+), EC-Council (CEH), or Blue Team certifications.

🏝️ Benefits

• Remote-friendly, flexible schedules: Empower excellence in every setting and elevate human potential.

• Competitive compensation & total rewards: Including health, wellness, and financial plans tailored for you and your family.

• Global, diverse teams: Collaborate with talented individuals from 23+ countries.

• Learning & development: Enhance your skills with access to top-tier learning tools and programs.

• Equity & belonging: We value every voice. Your story helps inform our solutions for a changing world.