Job
Description
ZS is a place where passion changes lives. As a management consulting and technology firm focused on improving life and how we live it , our most valuable asset is our people. Here you’ll work side-by-side with a powerful collective of thinkers and experts shaping life-changing solutions for patients, caregivers and consumers, worldwide. ZSers drive impact by bringing a client first mentality to each and every engagement. We partner collaboratively with our clients to develop custom solutions and technology products that create value and deliver company results across critical areas of their business. Bring your curiosity for learning; bold ideas; courage an d passion to drive life-changing impact to ZS.
Our most valuable asset is our people .
At ZS we honor the visible and invisible elements of our identities, personal experiences and belief systems—the ones that comprise us as individuals, shape who we are and
make us unique. We believe your personal interests, identities, and desire to learn are part of your success here. Learn more about our diversity, equity, and inclusion efforts and the networks ZS supports to assist our ZSers in cultivating community spaces, obtaining the resources they need to thrive, and sharing the messages they are passionate about. Senior Security Operations Analyst
We are seeking an experienced professional to join our Pune, India office as a Senior Security Operations Analyst with a strong background in Security Information and Event Management (SIEM) platforms, specifically in Microsoft Sentinel and Wiz. The ideal candidate will be responsible for leading advanced threat detection, response, and monitoring activities. This role will be critical in enhancing our cybersecurity posture and ensuring the ZS environment remains secure against emerging threats. What you’ll do:
Manage the day-to-day operations of Microsoft Sentinel, including rule creation, log ingestion, data analytics, and alert triaging
Develop and tune detection rules, use cases, and analytics within Sentinel to improve threat visibility and detection capabilities
Leverage Wiz Defend to detect and respond to runtime threats across cloud workloads and Kubernetes environments in real-time
Continuously monitor and investigate alerts generated by Wiz Defend to enhance threat detection, triage, and incident response capabilities
Perform proactive threat hunting to identify and mitigate advanced threats
Conduct in-depth incident investigations and coordinate response efforts to ensure swift remediation
Collaborate with internal stakeholders and the Threat Intelligence team to identify and mitigate potential security threats
Generate reports and dashboards to communicate SOC performance metrics and security posture to leadership
Continuously improve SOC processes and playbooks to streamline operations and response efforts
Mentor junior SOC analysts and provide guidance on security best practices
This role requires participation in a rotational shift
Flexibility and availability to respond to urgent incidents outside of assigned shifts, as needed
What you’ll bring:
Strong analytical and problem-solving abilities
Excellent communication and interpersonal skills to effectively collaborate with cross-functional teams
Proven ability to remain calm and efficient under a high-pressure environment
Proficient in using SIEM tools, such as Microsoft Sentinel
Experience with data migration strategies across SIEM platforms
Experience on Cloud Security Operations and Incident Response platforms such as Wiz
In-depth understanding of cyber threats, vulnerabilities, and attack vectors
Proficient in creating KQL queries and custom alerts within Microsoft Sentinel
Expertise in developing SIEM use cases and detection rules
Skilled in incident response and management procedures
Experienced in conducting deep-dive investigations and root cause analysis for incidents
Adept at collaborating with stakeholders to resolve complex cybersecurity challenges
Ability to automate routine SOC processes to enhance operational efficiency
Experienced in mentoring and guiding junior analysts in security operations
Knowledge of major cloud platforms (AWS, Azure, GCP), including their security models, IAM roles, virtual private cloud (VPC) configurations, and cloud-native security tools
Good to have skills and abilities:
Excellent interpersonal (self-motivational, organizational, personal project management) skills
Knowledge of vulnerability management and scanning best practices such as CVE database and the CVS System
Ability to analyze cyber threats to develop actionable intelligence
Skill in using data visualization tools to convey complex security information
Academic Qualifications:
Bachelor's degree in Cybersecurity, Information Technology, Computer Science, or a related field (or equivalent experience)
4+ years of experience in a Security Operations Center (SOC) environment, with a focus on SIEM management
Strong hands-on experience with Microsoft Sentinel, including data connectors, KQL queries, analytics rules, and workbooks
Experience with SIEM migration
Expertise in incident response, threat detection, and security monitoring
Solid understanding of Windows, Linux, and cloud security concepts
Relevant certifications (e.g., CompTIA Security+, Microsoft CertifiedSecurity Operations Analyst, GCIA, GCIH, OSDA, GCFA) are preferred
Preferred Security Cloud CertificationsAWS Security Specialty
Perks & Benefits
ZS offers a comprehensive total rewards package including health and well-being, financial planning, annual leave, personal growth and professional development. Our robust skills development programs, multiple career progression options and internal mobility paths and collaborative culture empowers you to thrive as an individual and global team member. We are committed to giving our employees a flexible and connected way of working. A flexible and connected ZS allows us to combine work from home and on-site presence at clients/ZS offices for the majority of our week. The magic of ZS culture and innovation thrives in both planned and spontaneous face-to-face connections. Travel
Travel is a requirement at ZS for client facing ZSers; business needs of your project and client are the priority. While some projects may be local, all client-facing ZSers should be prepared to travel as needed. Travel provides opportunities to strengthen client relationships, gain diverse experiences, and enhance professional growth by working in different environments and cultures. Considering applying
At ZS, we're building a diverse and inclusive company where people bring their passions to inspire life-changing impact and deliver better outcomes for all. We are most interested in finding the best candidate for the job and recognize the value that candidates with all backgrounds, including non-traditional ones, bring. If you are interested in joining us, we encourage you to apply even if you don't meet 100% of the requirements listed above. ZS is an equal opportunity employer and is committed to providing equal employment and advancement opportunities without regard to any class protected by applicable law. To Complete Your Application
Candidates must possess or be able to obtain work authorization for their intended country of employment.An on-line application, including a full set of transcripts (official or unofficial), is required to be considered. NO AGENCY CALLS, PLEASE. Find Out More Atwww.zs.com
