Cyber Security Analyst

Role: Cyber Security Analyst

Location: Bangalore, India

Experience - 7+ years

Responsibilities:

Threat Detection & Response:

• Monitor and analyze security events from various sources, including SIEM/XDR platforms like Microsoft Sentinel and Rapid7 InsightIDR
• Conduct thorough investigations of security incidents, including root cause analysis and forensic investigations
• Collaborate with the Incident Response Team to triage, classify, and escalate alerts as necessary
• Maintain and update incident response runbooks and playbooks aligned with NIST and MITRE ATT&CK frameworks

Tool & Platform Management:

• Administer and optimize security tools such as Microsoft Defender, Zscaler ZIA/ZPA, CyberArk EPM, and Rapid7 InsightVM
• Ensure Azure workloads are monitored and secured using Microsoft Defender for Cloud, Azure Policies, and Sentinel analytics rules
• Utilize Python scripting to automate detection workflows, playbook execution, and integration between tools and APIs

Vulnerability & Attack Surface Management:

• Conduct regular vulnerability assessments using Rapid7 InsightVM and ensure timely risk-based patching and mitigation
• Continuously assess the organizations attack surface across endpoints, networks, and cloud infrastructure
• Recommend and implement hardening strategies, privilege controls, and segmentation to reduce risk

Security Controls Coverage:

• Ensure comprehensive coverage of security controls across all environments, including endpoints, networks, and cloud infrastructure
• Regularly review and update security controls to address emerging threats and vulnerabilities

Cybersecurity Metrics & Reporting:

• Define and track key cyber security metrics (i.e., Mean Time to Detect (MTTD), Mean Time to Respond (MTTR), incident severity distribution, alert-to-incident ratio, and vulnerability remediation timelines)

Requirements :

• In-depth experience with Microsoft Defender, Zscaler, CyberArk EPM, Rapid7 InsightIDR/InsightVM, Microsoft Sentinel, Azure Security Center, and Zscaler ZIA
• Strong scripting skills in Python for automation and log enrichment
• In-depth knowledge of incident response frameworks (e.g., NIST 800-61), SOC operations, and threat intelligence
• Excellent analytical and problem-solving skills
• Ability to convey technical risk to non-technical stakeholders

Educational Qualifications:

• Bachelor Or Master in Technology
• Bachelor Or Master of Computer Applications

Certifications:

• Certifications such as CISSP