Sr. Security Operations Analyst

The Senior Security Operations Analyst is an expert-level role in the Security Operations Center (SOC), responsible for handling the most complex and critical security incidents. This role involves advanced threat analysis, incident response, and proactive threat hunting. The Senior Security Operations Analyst also contributes to the strategic improvement of the organization's security posture.

Threat Research - Research on new ATP's, Threats, identifying the new indicators of compromise (IOC's), Tactics, Techniques and Procedures (TTP's).

Responsible for end-to-end security incident triage. Working with respective teams providing contextual information for security incident remediation.

Recommend fine tuning and configuration changes to Security platforms which will improve the accuracy of detections and bring down the false positives

Experience in creation and integration of playbooks and custom parsers for SOC tools

Develop and maintain incident response play books and for continuous service improvements

Analyse monthly Security reports from the platforms and vendors to identify trends and vulnerabilities within the infrastructure

Conduct computer, network forensic investigation functions and malware analysis to determine the target

Coordinate efforts with globally dispersed teams.

Document decisions regarding technology choices, best practices and process.

Contribute to architectural conversations and plans.

Collaborate with engineers and development teams to integrate security practices into the CI/CD pipeline and automate security processes.

24x5 rotational shift (Hybrid) and on-call rotational responsibility during weekend.

Subject matter expert in security audits and compliance assessments to ensure adherence to industry regulations (e.g., GDPR, HIPAA, SOC, ISO) and internal security requirements.

Lead the creation of comprehensive security documentation and training materials for both technical and non-technical audiences.

Lead collaborations with developers and engineers to simulate realistic cyber-attack scenarios aimed at identifying vulnerabilities in the applications and infrastructure.

Provide the oversight of third-party Security Operations Center (SOC), and second-level incident investigation and triage.

Mentor and guide junior security engineers, fostering their technical growth and professional development.

Take lead to create documentation and training materials for Security Operations.

• Professional degree / equivalent education in Computer Science from a reputed college with consistent academic record
• 8+ years of experience in cybersecurity, with significant time spent in security operations.
• Expert knowledge of advanced Cyber and Cloud threats, attack methodologies, and countermeasures.
• Proficiency in SIEM, XDR, IDS/IPS, CSPM, forensic tools and threat intelligence platforms.
• Hands-on experience in security systems, including EDR, firewalls, intrusion detection systems, anti-virus software, authentication systems, log management, content filtering, etc
• Strong expertise in incident response, threat hunting, and malware analysis
• Ability to discuss and articulate Security Frameworks (MITRE, NIST), Technologies and Best practises
• Support Security Analysts to provide additional subject matter expertise
• Proven Experience with SIEM, EDR, IDS/IPS, network forensic tools and external exposure management tools.
• Experience in handling Security Events, Incidents, Breaches and Zero days.
• Exhibit good judgement in managing workload, including when to communicate project risks.
• In-depth understanding of cybersecurity and cloud principles, practices, and methodologies.
• Familiarity with common cyber threats, attack vectors, and vulnerabilities.
• Experience securing cloud environments, such as AWS, Azure, or Google Cloud.
• Proficient with incident response procedures, documentation and best practices.
• Knowledge of cryptographic protocols and key management.
• Proficiency in LLM and security orchestration, scripting languages (e.g., Python, PowerShell) to automate security tasks.
• Dedication to staying updated with the latest security trends, tools, and techniques.
• Proficiency in creating clear and comprehensive security documentation, reports, and procedures.
• Familiarity with relevant regulations (GDPR, HIPAA, etc.) and industry standards (ISO 27001, NIST).
• Excellent verbal and written English skills to collaborate with cross-functional teams and convey security concepts to non-technical stakeholders.
• Experience with common security tools, such as Burp/ZAP, Nessus, Kali Linux, etc.
• Experience with Threat Modelling and Vulnerability Management Tools
• Security certifications such as GCIH, GCIA, CASP or GCFA