Job Description

Duties & Responsibilities

- Lead complex incident investigations, performing deep forensic analysis, root cause determination, and full kill chain reconstruction across endpoint, network, cloud, and identity systems.
- Serve as the technical lead for high-severity incidents, coordinating containment, eradication, and recovery efforts across cross-functional teams.
- Develop advanced detection rules, SIEM analytics, EDR custom detections, use cases, and automated response playbooks; tune existing alerts to reduce noise and improve fidelity.
- Conduct proactive threat hunting based on threat intelligence, adversary TTPs, anomaly detection, and environmental risk assessments.
- Analyze malicious artifacts, including scripts, binaries, phishing payloads, and web-based attacks, using static and dynamic analysis techniques.
- Review and advise on network, endpoint, cloud, and identity security architecture to identify gaps and recommend improvements.
- Guide and mentor Tier I and Tier II analysts, reviewing investigations, validating escalations, and providing technical training.
- Partner with vulnerability management, engineering, cloud, networking, and IAM teams to assess risk, validate findings, and support prioritized remediation.
- Produce detailed incident reports, post-incident reviews, and recommendations to strengthen organizational resilience and response capability.
- Collaborate with security leadership on SOC strategy, tooling enhancements, operational metrics, and continuous improvement initiatives.

Requirements

Basic Qualifications

- Solid understanding of network protocols, data protection mechanisms, and threat landscapes
- Hands-on experience with security systems, including firewalls, intrusion detection systems, anti-virus software, etc.

Preferred Qualifications

- Industry-recognized certifications (e.g., CISSP, CISM, CEH)
- Master's degree in Cybersecurity or a related field

6-8 years
Required Skills & Qualifications

- 10 years' experience in an infrastructure engineering or DevOps role
- 4 years' hands-on experience with Azure, GCP, or AWS
- 2 years' hands-on experience engineering Kubernetes solutions and associated ecosystems
- Strong background in automation with modern automation tools such as Terraform, Packer, and Puppet
- Demonstrated ability to manage code and other project files with Git
- CI/CD experience with modern tooling such as Jenkins or Azure DevOps
- Strong understanding of cloud networking concepts (Virtual Private Networks, Software Defined Networking, Network and Application Load Balancers, DNS, API Gateways, Routing)
- Solid grasp of cloud security principles and compliance standards
- Proficiency in Linux and Windows system administration
- Understanding of GitOps
- Excellent problem-solving and communication skills
- Bachelor's degree in computer science, engineering, or a related field

Preferred Qualifications

- Certified Kubernetes Administrator (CKA) or Certified Kubernetes Application Developer (CKAD) certification
- Certifications in cloud technologies (e.g., AWS Certified Solutions Architect, Azure Administrator, etc.)
- Experience with monitoring tools (e.g., Prometheus, Grafana)
- Familiarity with scripting languages (e.g., Bash, Python, PowerShell)
- Hands-on experience with modern GitOps tools such as FluxCD or ArgoCD
