Security Analyst

2 - 5 years

0 - 1 Lacs

Posted: 1 week ago | Platform: Naukri

Work Mode

Work from Office

Job Type

Full Time

Job Description

Security Analyst

Key Responsibilities:

  • Continuous Monitoring: Monitor security alerts and logs across the environment using SIEM tools (LogRhythm, Microsoft Sentinel, Microsoft Defender and CrowdStrike Falcon).
  • Initial Incident Triage: Analyze alerts, logs, telemetry, and IOCs to assess severity, scope, and impact; distinguish false positives from genuine threats; execute responses per runbooks (endpoint isolation, blocking malicious IPs/domains, resetting accounts); escalate high-severity incidents to Tier 2/IR with detailed documentation.
  • Endpoint Defense: Use CrowdStrike XDR capabilities to investigate process trees, isolate compromised hosts, and hunt for indicators of compromise (IOCs).
  • Log Analysis: Query and analyze data from various sources (firewalls, O365, Identity) within the SIEM to reconstruct attack timelines.
  • Threat Hunting: Perform basic, proactive hunting tasks based on the latest threat intelligence to identify activity that existing detections have missed.
  • Reporting & Documentation: Maintain detailed records of incidents in the ticketing system and assist in the creation of Post-Incident Reports (PIR).
  • Collaboration: Escalate complex or high-priority incidents to Tier 3 analysts or Incident Response teams with clear, actionable documentation.

Required Skills & Qualifications

  • Experience: Minimum of 2 years in a Security Operations Center (SOC) or a similar technical security role.
  • Microsoft Sentinel: Hands-on experience with KQL (Kusto Query Language) for searching logs, creating workbooks, and managing analytic rules.
  • CrowdStrike Falcon: Proficiency in using the Falcon console for endpoint detection, response, and basic remediation (e.g., network isolation).
  • Microsoft Defender XDR: Proficiency in alert triage, incident correlation, threat investigation, and response actions such as endpoint isolation and remediation.
  • Technical Knowledge: Strong understanding of the TCP/IP stack, Windows/Linux OS security, and the MITRE ATT&CK framework; maintain awareness of current attack techniques as catalogued in MITRE ATT&CK.
  • Certifications (Preferred): Microsoft SC-200 (Cybersecurity Operations Analyst), CompTIA Security+, or other related certifications.
