Senior Security Operations Analyst

Roles:

1. Minimum 5 years of experience in Cyber Incident Management and

Response, handling end-to-end investigations for global customers. Must

have hands-on expertise with Google Chronicle for threat detection,

correlation, and analysis.

2. Lead phishing response and awareness initiatives using tools like KnowBe4,

analyze campaign metrics, and drive improvements in user resilience across

large enterprise environments (2000+ users).

3. Perform advanced triage, correlation, and root cause analysis of alerts from

multiple sources (SIEM, EDR, Email Security, DLP, etc.) and

recommend/execute appropriate containment and remediation actions.

4. Serve as an escalation point for L1 analysts, validate their investigations,

provide guidance on complex incidents, and ensure accuracy and completeness

of incident documentation.

5. Conduct threat hunting and assist L3 teams by identifying and enriching

Indicators of Compromise (IOCs) and supporting forensic or malware analysis

activities.

6. Manage and monitor Cloud Security Posture Management (CSPM) activities

across AWS and GCP environments, leveraging Command Center and Wiz

integration to identify misconfigurations, policy violations, and compliance

gaps.

7. Enhance SOC capabilities by updating playbooks, SOPs, and Known Error

Database (KEDB), and by suggesting improvements to detection and response

workflows.

8. Track and validate closure of vulnerabilities and misconfigurations, ensuring

timely remediation and continuous improvement of the organizations security

posture.

9. Support SOAR automation initiatives to streamline incident response and

reduce Mean Time to Detect and Respond (MTTD/MTTR).