Job Title: Specialist I - Information Security | Vulnerability Management - Subject Matter Expert (SME)
Location: Hyderabad, Chennai, Bangalore, Trivandrum, Cochin
Experience: 7-9 years
Company: CyberProof, A UST Company

About CyberProof
CyberProof is a leading cyber security services and platform company dedicated to helping customers react faster and smarter to security threats. We enable enterprises to create and maintain secure digital ecosystems through automation, threat detection, and rapid incident response. As part of the UST family, we are trusted by some of the world's largest enterprises. Our Security Operations Group is composed of a global team of highly skilled cyber security professionals, with our tier 3-4 expertise rooted in Israeli Intelligence.

Job Summary:
We are seeking a highly experienced and knowledgeable Subject Matter Expert (SME) to join our Vulnerability Management team. The ideal candidate will possess deep expertise in cybersecurity, particularly in vulnerability management processes, tools, and best practices. This role demands strong analytical skills, excellent communication, and a proactive approach to security risk mitigation.

Key Responsibilities:
Lead and manage the vulnerability management program end-to-end.
Conduct vulnerability assessments and penetration testing.
Use tools such as Qualys VMDR, Microsoft Defender, and CrowdStrike to detect, analyze, and report vulnerabilities.
Create dashboards and detailed reports with actionable recommendations.
Prioritize vulnerabilities based on business risk and exploitability.
Collaborate with technical teams on remediation planning and execution.
Stay current with emerging threats, trends, and technologies.
Deliver training on vulnerability management processes and tools.
Support incident response efforts with expertise in vulnerability exploitation and mitigation.
Ensure compliance with security frameworks and regulatory standards.
L1 SOC Analyst - Splunk
Experience: 2 to 3 years
Location: Hyderabad / Trivandrum / Kochi / Bangalore / Chennai
Company: CyberProof, A UST Company

About the role:
The primary role of a SOC Level 1 Analyst is to serve as the frontline defense, managing first triage and ranking of security cases, and initiating the threat detection and response processes for client-related security events. The Analyst is integral to the MDR service, working collaboratively with other teams to ensure a high quality of service, and will be given opportunities for professional growth in cybersecurity. The position entails conducting inquiry procedures as dictated by CyberProof methodology and contributing insights on case investigation and detection quality.

Principal Duties:
Quickly respond to and classify all incoming security cases, ensuring that incidents are escalated to the right analyst within the predefined SLA period during the Analyst's shift.
Conduct the first triage investigation into the assigned cases using a blended approach based on the tools integrated into the SOAR platform, and document all collected evidence and conclusions.
At the start of the shift, diligently review all new information in the SOAR, the Teams channel, the shared mailbox, and any other designated communication medium to ensure readiness to continue or start case investigations and address client queries.
Facilitate a smooth handoff to the next team at the end of the shift, ensuring continuous and seamless security monitoring.
Remain alert to any procedural inconsistencies or issues and proactively report them to the team leader or the upper analytical layer (L2) for resolution or consultation.
Should uncertainty or complex issues arise, elevate the matter promptly to a senior L1 Analyst or the Shift and Technical Leads before resorting to the L2 team.
Support the Lead Analysts and the L2 team in extracting and compiling the data needed for Weekly, Monthly, and Quarterly Business Review (QBR) documentation.

Skills and qualifications:
At least 1 year of experience as a security analyst.
Proficient in investigating alerts related to phishing, malware, and similar threats.
Solid understanding of computer security and networking concepts.
Experience with the Splunk SIEM.
Knowledgeable about endpoint protection tools.
Skilled in analyzing network traffic, interpreting logs, and examining packet captures.
Strong critical thinking and analytical abilities.
Excellent written and verbal communication skills.
Experience managing and analyzing alerts from security tools is a plus.
Familiarity with cloud solutions is advantageous.
Relevant certifications are a plus.
PMO Analyst
Experience: 2-4 years
Location: Trivandrum
Company: CyberProof, A UST Company

Job Role:
The Invoicing Team plays a crucial role in ensuring the smooth financial operations of CyberProof. This team is responsible for the accurate and timely generation and processing of invoices for our clients.

Responsibilities:
Assist in the preparation and issuance of accurate and timely invoices.
Support the team in maintaining organized invoicing records and documentation.
Assist with data entry and verification related to invoicing processes.
Collaborate with internal teams to gather the information needed for invoicing.
Contribute to the resolution of basic invoicing queries.
Adhere to established invoicing procedures and guidelines.
Perform other administrative tasks as required by the Invoicing Team.
Work on invoicing for various customer accounts.
Understand the SOW and PIP; handle Project ID activation in the Orion tool.
Present account invoices to the cluster head for confirmation.
Submit revenue and invoice details in the tool.

Requirements:
Bachelor's degree in Commerce, Finance, Accounting, or a related field.
Basic understanding of accounting principles and invoicing processes is a plus.
Strong attention to detail and accuracy.
Good organizational and time management skills.
Proficiency in the MS Office Suite (Excel, Word).
Excellent written and verbal communication skills.
Ability to learn quickly and work effectively in a team environment.
A proactive attitude and willingness to take initiative.
The CyberProof-provided Vulnerability Remediation Managers will perform the following key tasks:

Program Coordination: Collaborate with internal vulnerability management and remediation teams. Manage remediation tracking for critical/high vulnerabilities reported by scanning tools.
Remediation Governance: Facilitate weekly/bi-weekly remediation status meetings with IT stakeholders. Track remediation owners, timelines, and blockers. Follow existing remediation SLAs and risk acceptance/exemption processes. Create and triage new vulnerability findings.
Reporting: Generate and distribute dashboards/reports on remediation progress. Highlight overdue vulnerabilities and SLA breaches.
Process Improvement: Assist in refining vulnerability intake, triage, prioritization, and closure processes.
Stakeholder Management: Coordinate across Security, Infrastructure, Application, and GRC teams. Support audit and compliance-related evidence collection (e.g., for PCI DSS, HIPAA, etc.).
Senior Software Engineer (Java, Cloud)
Experience: 9 to 12 years
Location: Hyderabad / Trivandrum / Kochi / Bangalore / Chennai
Company: CyberProof, A UST Company

About the role
We are looking for an experienced Senior Software Engineer to lead the product design and architecture for our enterprise SaaS platform. You will design, develop, and optimize our Security-as-Code product, including key features and functionality. You will be responsible for deploying and debugging cloud stacks, educating teams on new cloud initiatives, and ensuring the security of the cloud infrastructure. To be successful as a Sr. S/W Engineer, you should be able to envision, design, and develop cloud-based solutions and maintain cloud infrastructure in accordance with best practices and company security policies. The ideal candidate should have excellent troubleshooting skills, stay current with industry trends, and be a team player.

Responsibilities:
Create and deliver world-class enterprise software.
Design, develop, and deploy modern cloud-native solutions.
Collaborate with product, engineering, and QA teams.
Interact with customers and developers as needed.
Educate teams on the implementation of new cloud technologies and initiatives.
Define, develop, and maintain cloud security best practices.
Identify, analyze, and resolve infrastructure vulnerabilities and application deployment issues.
Regularly review existing systems and make recommendations for improvements.

Requirements:
Degree in computer science or a similar field.
At least 5 years of software engineering experience.
Experience with CI/CD systems.
Experience with DevOps, Scrum, and Kanban.
Experience with Azure, AWS, and GCP.
Troubleshooting and analytical skills.
Good communication and collaboration skills.
We are looking for an experienced Azure SIEM Platform Lead with strong expertise in Azure Data Explorer (ADX), Microsoft Sentinel, Kusto Query Language (KQL), and Azure DevOps. The candidate will be responsible for managing a cloud-based SIEM platform, leading a small technical team, and engaging directly with customers. A solid understanding of cybersecurity operations and a proactive mindset toward platform optimization are essential. Key Responsibilities: Manage and lead the Azure SIEM platform using ADX, Sentinel, and DevOps tools. Develop and optimize KQL queries for threat detection, reporting, and health monitoring. Onboard and fine-tune log sources and connectors for visibility and cost efficiency. Lead and mentor a small team of engineers. Act as the primary technical contact for customers. Drive automation and CI/CD practices using Azure DevOps. Ensure platform performance, scalability, and security. Mandatory Skills: Azure Data Explorer (ADX), Microsoft Sentinel, KQL Azure DevOps (CI/CD, automation) Cloud platform management and team leadership Strong communication and customer-facing skills Security operations, threat detection, and log optimization Preferred Certifications: AZ-500, AZ-104, SC-200 Familiarity with ARM, Bicep, or Terraform is a plus
Experience: 2 to 4 years
Location: Bangalore / Hyderabad / Chennai / Kochi / Trivandrum

The primary role of a SOC Level 1 Analyst is to serve as the frontline defense, managing first triage and ranking of security cases, and initiating the threat detection and response processes for client-related security events. The Analyst is integral to the MDR service, working collaboratively with other teams to ensure a high quality of service, and will be given opportunities for professional growth in cybersecurity. The position entails conducting inquiry procedures as dictated by CyberProof methodology and contributing insights on case investigation and detection quality.

Principal Duties:
Quickly respond to and classify all incoming security cases, ensuring that incidents are escalated to the right analyst within the predefined SLA period during the Analyst's shift.
Conduct the first triage investigation into the assigned cases using a blended approach based on the tools integrated into the SOAR platform, and document all collected evidence and conclusions.
At the start of the shift, diligently review all new information in the SOAR, the Teams channel, the shared mailbox, and any other designated communication medium to ensure readiness to continue or start case investigations and address client queries.
Facilitate a smooth handoff to the next team at the end of the shift, ensuring continuous and seamless security monitoring.
Remain alert to any procedural inconsistencies or issues and proactively report them to the team leader or the upper analytical layer (L2) for resolution or consultation.
Should uncertainty or complex issues arise, elevate the matter promptly to a senior L1 Analyst or the Shift and Technical Leads before resorting to the L2 team.
Support the Lead Analysts and the L2 team in extracting and compiling the data needed for Weekly, Monthly, and Quarterly Business Review (QBR) documentation.

Skills and qualifications:
At least 2 years of experience as a security analyst.
Proficient in investigating alerts related to phishing, malware, and similar threats.
Solid understanding of computer security and networking concepts.
Experience with the Splunk SIEM.
Knowledgeable about endpoint protection tools.
Skilled in analyzing network traffic, interpreting logs, and examining packet captures.
Strong critical thinking and analytical abilities.
Excellent written and verbal communication skills.
Experience managing and analyzing alerts from security tools is a plus.
Familiarity with cloud solutions is advantageous.
Relevant certifications are a plus.
Job Title: L2 SOC Analyst
Experience: 5 to 7 years
Location: Trivandrum, Kochi, Chennai, Bangalore, Hyderabad
Company: CyberProof, A UST Company

Key Roles & Responsibilities
Resolve, escalate, report, and raise recommendations for resolving and remediating security incidents.
Handle the advanced monitoring of system logs, SIEM tools, and network traffic for unusual or suspicious activity.
Set up SIEM solutions and troubleshoot connectivity issues.
Investigate and resolve security violations, providing post-mortem analysis to illuminate issues and possible solutions.
Collate security incident and event data to produce monthly exception and management reports.
Report unresolved network security exposure, misuse of resources, or noncompliance situations using defined escalation processes.
Assist and train team members in the use of security tools, the preparation of security reports, and the resolution of security issues.
Develop and maintain documentation for security systems and procedures.
Recommend, schedule, and apply fixes, security patches, and any other measures required in the event of a security breach.

Experience & Qualifications Required
Minimum 3+ years of experience as an Analyst working as part of a SOC team.
Experience with SIEM vendors such as Sentinel, QRadar, ArcSight, RSA, and LogRhythm on the IT infrastructure side, and Nozomi experience on the OT side.
Experience in incident response and in writing procedures, runbooks, and playbooks.
Ability to work with the customer's IT and security teams.
Role Proficiency: Take the lead in monitoring and maintenance across a global customer base for the respective SIEM or EDR technology, taking ownership of issues through to and including resolution.

Outcomes:
Monitor, investigate, and provide meaningful resolution for tickets and issues across multiple customers for the specified SIEM or EDR type.
Escalate observed issues to a team member where appropriate to ensure optimal performance of the supported platform.
Contribute to the evolution of the wider team's capabilities to help deliver CyberProof's strategic vision for global managed SIEM services.
Build strong relationships with customers and key stakeholders to ensure customer requirements and needs are fulfilled.
Take ownership of personal workload, acting as a role model for peers.
Continuously seek to improve the service offered to global customers.
Act as a Subject Matter Expert for the respective technology, both internally within CyberProof and for managed clients, providing input for key in-life services within CyberProof.
Assist with service and change requests for the platform types, such as access requests, as well as more targeted requests for specific modules on the platform (dashboard creation, query support, investigation of more complex issues).
Proactively develop and maintain documentation and knowledge articles for wider members of the team relating to the customers supported.
Ensure in-life requests are actioned in a timely manner for self and junior roles.
Provide assistance and mentorship for global team members both within and outside the

Measures of Outcomes:
Percent of adherence to processes and methodologies: a. percent of adherence to SLAs for in-life ticketing processes; b. percent of adherence to workflows and completeness of the audit trail for all activities undertaken.
Productivity score maintained: a. number of issues with early identification in case of problems with delivering tasks or workload; b. number of issues with effective evidence provided for escalations during triage.
Number of identified opportunities implemented to enhance change and process documentation so that it remains relevant for the broader team.
Number of relevant skill-related training and development activities undertaken, evidenced by certification.

Outputs Expected:
Technical Expertise: Show strong comprehension of and experience with the specific SIEM or EDR platform the Specialist is working on. Take the lead on identifying issues with the specified platform type or its supporting infrastructure. Using technology, identify and implement technical solutions to issues with queries, rules, dashboards, and data feeds.
Platform Management, Incidents and Requests: Provide accurate updates to the appropriate Service and Change Requests, ensuring an audit trail is preserved and SLAs are achieved. Proactively identify issues through behavioural analysis and patterns, with suggestions and plans for achieving resolution. Provide leadership and support to junior members.
Stakeholder Focus: Comfortable with and aware of the customers supported. Capable of supporting QBR preparation and delivery as required. Ensure relevant reporting metrics and customer information are provided in a timely manner. Engage with the customer, TAM, and project team where required. Ensure customer-specific processes are followed. Undertake mandatory and proactive learning and development opportunities.

Skill Examples:
Excellent communication skills with both internal and external stakeholders.
Willingness to undertake a background check/validation to ensure integrity.
Ability to work unsupervised with the assigned SIEM or EDR technologies and their supporting infrastructure.
Aptitude in identifying objectives and priorities for the broader team, and in identifying successes and failings.
Capacity to work with multiple query languages, with a full end-to-end skill set from onboarding and parsing a log source to exploiting it via analytics or rulesets.
Sufficient experience and confidence in the target toolset to mentor and upskill junior members.
Strong analytical skills working across multiple technologies and customers, as well as sufficient competence to draft support documentation for internal or external use.

Knowledge Examples:
Experience in Security Operations and/or EDR/SIEM platform management roles.
An understanding of various security frameworks and security controls, with a focus on IT.
Multiple years of experience working as part of an MSSP-style environment with different customer types.
Detailed knowledge of the specific SIEM or EDR technology, as well as how the capability can be utilised to support operations.
Experience and knowledge of how to utilise Big Data and data manipulation.
Desirable: Certifications in IT infrastructure / SIEM / EDR / Ethical Hacking.
Desirable: Academic qualifications and/or relevant work experience in lieu of qualifications.
Role Proficiency: Effectively lead a medium-size unit / shift / sub-team / customer engagement within a larger Shared Services team, delivering cyber security monitoring and triage activities for our global customers. Assist the SOC Manager (B3/C1) with larger responsibilities. This role is in the management stream and envisages growth in management rather than in the technology space.

Outcomes:
Effectively lead a medium-size SOC team (unit / shift / sub-team / medium-size customer engagement).
Responsible for delivery of SOC services by the team as per SLA.
Responsible for performance of the activities defined by the manager from a contractual and regulatory perspective.
Responsible for the quality of the team's deliverables.
Ensure a well-administered team / engagement.
Responsible for customer communication and stakeholder management.
Assist the SOC Manager with larger responsibilities, for example managing P&Ls.
Ensure team adherence to the Information Security policies defined by the company and the customer.

Measures of Outcomes:
Team adherence to the SLA agreed with the customer.
Innovation case studies and value delivered to the customer / CyberProof.
Productivity (number of alerts and incidents addressed).
Quality: percent of tickets that meet quality norms.
Adherence to process: nil NCs (non-conformities) during audits.
Evidence of skill development, including training and certification.

Outputs Expected:
Team Administration and Management: Ensure that a balanced team is available to provide the defined services. Responsible for administrative aspects such as shift roster, attendance, and on-call allowances. Assist the SOC Manager with larger responsibilities.
Delivery Management: Supervise the shift period / team so that cyber security alerts from the SIEM and multiple sources are dealt with by the shift / team within SLAs. For the responsible team unit, ensure quality standards are maintained. Define and implement new processes or changes to existing processes. Communicate and escalate per the defined process.
Reporting: Generate the required reports, management information, and analytics.
Team Competence Management: Mentor junior team members wherever possible. Identify training needs for the team. Define and implement training plans.
Continuous Improvement: Ensure activities such as quality checks and reviews are performed so that the team performs to the required standards. Set benchmarks for a high-performance organisation. Ensure that audits go smoothly; responsible for closure of audit findings and performance improvement plans. Ensure continuous improvement in the team in the areas of delivery quality, operational efficiency, innovation, and optimisation. Ensure continuous learning.

Skill Examples:
High proficiency in people and stakeholder management.
Ability to manage and lead medium-sized teams. Ability to inspire.
Ability to interface with customers and specialist teams on these topics.
High proficiency in operations / project management.
Certifications / training in relevant frameworks.
Understanding of relevant frameworks in cyber security, SOC, IT infrastructure, etc.
Excellent oral and written communication skills.
Possess unimpeachable personal and professional integrity. Individuals will be required to submit to a background check.

Knowledge Examples:
7+ years overall experience in SOC / IT infrastructure.
A minimum of 4 years of experience delivering SOC services for global organizations.
University degree in Cyber Security (no back papers) / Bachelor's in Engineering or Science with training in cyber security.
Sound understanding of relevant SOC tools such as SIEM, EDR, and ticket management.
Exposure to ISMS, Quality, and BCP processes and frameworks.
Highly proficient in the Cybersecurity Incident Management process.
Sound understanding of cyber security alerts and incidents.
Intermediate understanding of enterprise IT infrastructure, including networks, firewalls, OS, databases, web applications, etc.
Experience in ensuring adherence to ISMS and QMS principles, guidelines, and relevant frameworks (e.g. ISO 27001).
Desirable: training / certification in relevant processes / frameworks related to operations / project management / cyber security.

Additional Comments:
We are seeking a seasoned L3 SOC Manager to lead and manage cybersecurity operations across IT and OT environments. This role demands deep technical expertise, strategic leadership, and proven people management capabilities to drive operational excellence across the Security Operations Center (SOC).

Key Responsibilities:
Leadership & People Management: Lead and mentor SOC teams across the L1, L2, and L3 tiers. Drive performance, engagement, and career development of analysts. Collaborate with global stakeholders to align SOC operations with business goals.
Cybersecurity Expertise: Apply a deep understanding of cybersecurity principles and best practices. Implement and maintain security frameworks (e.g., NIST, ISO 27001). Oversee threat detection, incident response, and vulnerability management.
Technical Oversight: Manage the deployment and optimization of security technologies, including endpoint protection, network and cloud security, and OT/ICS security platforms.
Incident Response & Threat Intelligence: Lead critical incident response efforts with precision and urgency. Analyze threat intelligence to proactively defend against emerging threats.
Risk & Compliance: Assess and mitigate security risks across environments. Ensure compliance with internal and external regulatory requirements.
Communication & Decision-Making: Communicate complex technical concepts to diverse audiences. Make sound decisions under pressure during high-impact situations.

Required Qualifications:
8+ years in cybersecurity, with at least 3 years in a leadership role.
Proven experience managing SOC teams and operations.
Strong knowledge of IT and OT security technologies.
Hands-on experience with incident response and threat analysis.
Excellent communication, interpersonal, and decision-making skills.
Role Proficiency: Monitor cyber security alerts for our global customers in a 24x7x365 operations team under the supervision of the Team Lead / senior members of the team.

Outcomes:
Under the supervision of senior team members, ensure that cyber security alerts from the SIEM and multiple sources are dealt with as per SLA.
Seek the support of senior team members in the case of a new incident type or higher complexity.
Respond independently to low and medium complexity incidents.
Follow the documented playbook to ensure a consistent and repeatable response to alerts.
Ensure documentation, including in the CDC / SIEM work log, meets the predefined / agreed standards.
Learn from the review process for continuous improvement.
Communicate and escalate as per the defined process.
Seek advice from senior members of the team when in doubt.
Put forward topics for inclusion in or upgrade of the playbook to the attention of senior team members.
Assist the lead in the review process for junior team members.
Adhere to defined SOC processes, including housekeeping tasks.
Adhere to the Information Security policies defined by the company and the customer.

Measures of Outcomes:
Adherence to the SLA agreed with the customer.
Productivity (number of alerts addressed).
Quality: percent of tickets that met quality norms.
Adherence to process: nil NCs (non-conformities) during audits.
Evidence of skill development, including training and certification.

Outputs Expected:
Cyber Security Monitoring: Work in accordance with the playbook / under the supervision of the team lead to monitor alerts in the CDC platform / SIEM tool. Ensure an appropriate response in line with the SLA.
Cyber Security Incident Management: Work in accordance with the playbook under the supervision of the team lead to process alerts through analysis, triage, and resolution. Communicate and escalate as per the defined process. In accordance with the playbook and under the supervision of the team lead, complete documentation, including annotation in the CDC / SIEM work log, to ensure an audit trail that meets the defined standards and quality requirements. In accordance with the playbook and under the supervision of the team lead, ensure that the various reports are created and published to stakeholders.
Continuous Learning, Innovation and Optimization: Ensure completion of the learning programs suggested by managers. Suggest ideas that will help with innovation and optimization of processes, and help develop the ideas into proposals. Provide suggestions for playbook upgrades.
Team Work: Assist junior team members where possible.

Skill Examples:
User-level skills in the use of the CDC, SIEM, and other relevant tools.
Ability to identify use cases and bring use-case and process-improvement suggestions to the Team Lead for consideration.
Excellent logical problem-solving ability and analytical skills for incident triage and analysis.
Good oral and written communication skills.
Continually learn new technology and stay updated on cyber threats.
Ability to work in rotating shifts and to be on-call outside of shift hours on a regular and recurring basis.
Possess unimpeachable personal and professional integrity. Individuals will be required to submit to a background check.

Knowledge Examples:
1 to 3 years of experience in SOC operations in the SOC of a global organization.
University degree in Cyber Security (no back papers) / Bachelor's in Science or Engineering with training in cyber security.
Proficient in the Cybersecurity Incident Management process.
Up to date on cyber security alerts and incidents; intermediate understanding of enterprise IT infrastructure, including networks, firewalls, OS, databases, web applications, etc.
Understanding of ISMS principles and guidelines and relevant frameworks (e.g. ISO 27001).
Desirable: training / certification in Ethical Hacking, SIEM tools, etc.
Additional Comments: The primary role of a SOC Level 1 Analyst is to serve as the frontline defense, managing first triage and ranking of security cases, and initiating the threat detection and response processes for client-related security events. The Analyst is integral to the MDR, working collaboratively with other teams to ensure high quality of service, and will be given opportunities for professional growth in cybersecurity. The position entails conducting inquiry procedures as dictated by CyberProof methodology and contributing insights on the case investigation and detection quality.

Principal Duties:
Quickly respond to and classify all incoming security cases, ensuring that incidents are appropriately escalated to the right analyst within the predefined SLA period during the Analyst's shift.
Conduct the first triage investigations into the assigned cases using a blended approach based on tools integrated into the SOAR platform, and document all collected evidence and conclusions.
At the shift's commencement, diligently review all new information in the SOAR, through the Teams channel, shared mailbox, and any other designated communication mediums to ensure readiness to continue or start the case investigation and address client queries.
Facilitate a smooth handoff to the next team at the end of the shift, ensuring continuous and seamless security monitoring.
Remain alert to any procedural inconsistencies or issues and proactively report these to the team leader or the upper analytical layer (L2) for resolution or consultation.
Should uncertainty or complex issues arise, elevate the matter promptly to a senior L1 Analyst or the Shift and Technical Leads before resorting to the L2 team.
Support the Lead Analysts and the L2 team in the extraction and compilation of data needed for the preparation of Weekly, Monthly, and Quarterly Business Review (QBR) documentation.
Skills and qualifications:
At least 1 year of experience as a security analyst.
Proficient in investigating alerts related to phishing, malware, and similar threats.
Solid understanding of computer security and networking concepts.
Experience with SIEM or similar security tools.
Knowledgeable about endpoint protection tools.
Skilled in analyzing network traffic, interpreting logs, and examining packet captures.
Strong critical thinking and analytical abilities.
Excellent written and verbal communication skills.
Experience managing and analyzing alerts from security tools is a plus.
Familiarity with cloud solutions is advantageous.
Relevant certifications are a plus.
Role Proficiency: Monitor cyber security alerts for our global customers in a 24x7x365 operations team under minimal supervision of the Team Lead. Mentor junior members of the team as well as assist the Team Lead in supervision.

Outcomes:
Mentor junior members of the team to help them learn and achieve their full potential.
Respond independently to low and medium complexity incidents.
Assist the Team Lead in supervisory activities leading to a high-performance organisation.
Under the overall supervision of the Team Lead, ensure that cyber security alerts from the SIEM and multiple sources are dealt with by the entire team within SLA.
Communicate and escalate as per defined process.
Train and motivate the team to follow the documented playbook.
Assist the Team Lead in ensuring quality of service across the team.
Review and recommend topics for inclusion or upgrade in the playbook, as well as new Use Cases or the refinement of existing ones.
Adherence to defined SOC processes, including housekeeping tasks.
Adherence to the Information Security policies as defined by the company and customer.

Measures of Outcomes:
Innovation: case studies and value delivered to customer / CyberProof.
Team adherence to SLA as agreed with the customer.
Productivity (number of alerts addressed).
Quality: percent of tickets that met quality norms.
Adhere to process: nil NC during audits.
Evidence of skill development, including training, certification, etc.

Outputs Expected:
Cyber Security Monitoring: Work in accordance with the Playbook under supervision of the team lead to monitor alerts in the CDC Platform / SIEM Tool, etc. Ensure appropriate response in line with the SLA.
Cyber Security Incident Management: Process alerts through analysis, triage and resolution. Communication and escalation as per defined process. Documentation including annotation in the CDC / SIEM work log to ensure an audit trail as per defined standards and quality requirements.
Reporting.
Team Player: Assist the team lead in ensuring Continuous Learning as well as in delivering on innovation and optimization. Mentor junior team members where possible.
Reporting: Assist the Team Lead in generation of required reports, management information and analytics.
Other Responsibilities: Ensure that the housekeeping tasks are performed. Undertake activities, for example quality checks, reviews, etc., to ensure that the team as a whole is performing to standard requirements. Stand in for the team lead when required at customer meetings, etc. Assist in achieving near zero false-positives, etc.

Skill Examples:
High proficiency in the use of CDC, SIEM and other relevant tools.
Skill to review and recommend Play Book improvements, Use Case Refinements, New Use Cases, Process Improvements, etc.
Excellent logical problem-solving ability and analytical skills for incident triage and analysis.
Excellent oral and written communication skills.
Continually learn new technology and stay updated on cyber threats. Assist and motivate team members to do likewise.
Ability to work in rotating shifts and also be on-call outside of shift hours on a regular and recurring basis.
Possess unimpeachable personal and professional integrity. Individuals will be required to submit to a background check.

Knowledge Examples:
3 to 5 years experience in SOC operations with the SOC of a global organization.
University Degree in Cyber Security (no back papers) / Bachelor's in Science or Engineering with training in cyber security.
Highly proficient in the Cybersecurity Incident Management process.
Highly proficient and up to date in cyber security alerts and incidents.
Intermediate understanding of enterprise IT Infrastructure including Networks, Firewalls, OS, Databases, Web Applications, etc.
Understanding of ISMS principles and guidelines; relevant frameworks (e.g. ISO27001).
Desirable: Training / Certification in Ethical Hacking, Tools, Process and Frameworks related to cyber security, etc.
Additional Comments: Job Title: L2 SOC Analyst - GoDaddy Inc
Participate in continuous improvement efforts for SOC capabilities across people, process, and technology.
Collaborate with teams to optimize detections and playbooks.
Analyze and triage security incidents.
Mentor and train junior analysts.
Serve as escalation point for junior analysts.
Participate in incident response activities as necessary.
Your experience should include:
o Strong grasp of operating systems (Windows, Linux, MacOS) and networking protocols and concepts.
o Extensive knowledge of internet security issues and the threat landscape.
o Previous experience with the following tools: Splunk, EDR solutions, Microsoft Security products.
o Problem-solver with excellent communication skills and a deep technical understanding of security best practices.
o Knowledge of threat hunting.
o Strong grasp of the incident response life cycle.
o Characterize and analyze network traffic to identify anomalous activity and potential threats to network resources.
o Capable of writing advanced ad-hoc SPL queries.
o Analyze log files from a variety of sources (for example, individual host logs, network traffic logs, firewall logs, and intrusion detection system logs) to identify possible threats to network security.
o Utilize SIEM tools, such as Splunk, and EDR tools to enhance monitoring capabilities and expand the security posture of the current environment.
o 4+ years experience in a SOC or Fusion Center environment.
You might also have:
o Incident Response specific or other relevant certifications [e.g. GCIH, ECIH, SEC+, etc.].
o Experience with incident response in cloud platforms [AWS, GCP, etc.].