Job Description

1. Role Overview

We are seeking a Cybersecurity Analyst to join our Threat Detection & Incident Response (TDIR) team. The ideal candidate will actively monitor security events, analyze suspicious activities, investigate incidents, and implement measures to enhance the overall security posture of the organization.

2. Key Responsibilities

A. Threat Monitoring & Detection

  • Continuously monitor SIEM dashboards (e.g., Splunk, Sentinel, QRadar) for anomalies and alerts.
  • Conduct initial triage of security events and classify alerts based on severity.
  • Detect potential intrusions, malware behavior, privilege escalation, DLP violations, and unauthorized access patterns.

B. Incident Response

  • Perform deep-dive analysis of detected security incidents.
  • Document incident timeline, impact, root cause, and mitigation steps.
  • Coordinate with IT, cloud, and network teams for quick containment and recovery.
  • Assist in drafting Incident Response (IR) reports and post-incident reviews.

C. Vulnerability & Risk Management

  • Review vulnerability scans and prioritize remediation efforts.
  • Track and analyze security weaknesses across systems, applications, and networks.
  • Recommend hardening measures and security best practices.

D. Security Tools & Automation

  • Work with tools such as EDR, SIEM, SOAR, firewall, and Threat Client platforms.
  • Develop automated playbooks or scripts (Python/PowerShell) to reduce manual effort.
  • Analyze threat intelligence feeds and correlate them with internal events.

E. Compliance & Reporting

  • Maintain documentation related to incidents, alerts, audits, and risk assessments.
  • Ensure compliance with ISO 27001, NIST, GDPR, and SOC 2 standards (as applicable).
  • Assist in security awareness activities and periodic audits.

3. Qualifications

Education

  • Bachelor's degree in Computer Science, Cybersecurity, IT, or a related field.

Required Skills

  • Strong knowledge of SOC operations, SIEM tools, and the incident lifecycle.
  • Understanding of network security, Linux/Windows internals, cloud fundamentals, and basic malware behavior.
  • Hands-on experience with alert triage, log analysis, and threat hunting.
  • Good analytical thinking, communication, and documentation skills.

Preferred Skills

  • Certifications such as:
    • CompTIA Security+
    • CEH
    • Splunk Core User/Power User
    • Microsoft SC-200
  • Experience with SOAR automation and scripting.

4. Salary Range

  • 4.5 LPA – 12 LPA (India), based on experience & skills.