Job
Description
Title: SOC Analyst Business Area: Information Security Location: Gurugram Job Overview: We are seeking a highly skilled Senior Security Analyst to join our Security Operations Centre (SOC) cybersecurity team in the financial services industry. This role is critical in proactively identifying, exploiting, and mitigating security vulnerabilities that could impact financial systems, customer data, and transaction integrity. You will leverage offensive security techniques, advanced penetration testing, and cyber threat hunting to strengthen our defences against fraud, cybercriminals, and nation-state adversaries. As a Senior Security Analyst, you will simulating sophisticated cyberattacks to test the resilience of our financial networks, digital banking platforms, and payment systems. Your expertise in adversary emulation and threat intelligence will help protect our institution against emerging cyber threats, including ransomware, financial fraud, insider threats, and nation-state attacks. Key responsibilities: Conduct ethical hacking and assessments on financial applications, payment systems, cloud infrastructure, and internal networks to uncover security weaknesses. Experience of performing penetration testing on core banking systems, fintech applications, APIs and digital payment platforms. Simulate real-world cyber threats, including financial fraud, business email compromise (BEC), phishing attacks, and advanced persistent threats (APTs). Engage in proactive cyber threat hunting to detect unauthorised access, fraudulent transactions, and insider threats. Test anti-fraud mechanisms, multi-factor authentication (MFA) resilience, and biometric authentication systems for potential security loopholes. Work to improve real-time threat monitoring and fraud prevention strategies. Research and analyse financial cybercrime trends, dark web activities, and nation-state attack tactics targeting financial institutions. Assist in incident response by providing analysis of breaches, fraudulent activities, and unauthorised access attempts. Develop custom cybersecurity tools and attack simulation frameworks to strengthen financial system security testing. Qualifications & Skills: Required: Written skills and experience with documenting risk assessments. Bachelors degree in Cybersecurity, Computer Science, Information Security, or a related field (or equivalent experience). 8+ years of experience in penetration testing, red teaming, or ethical hacking, specifically in the financial services industry. Strong understanding of financial cyber threats, including banking Trojans, ATM malware, account takeover (ATO) attacks, and card-not-present (CNP) fraud. Expertise in penetration testing tools (Metasploit, Burp Suite, Cobalt Strike, Kali Linux, Empire, Blood Hound, Purple Knight, etc). Proficiency in network security, cloud security (AWS, Azure, Google Cloud), and system hardening techniques. Experience with financial fraud detection, transaction monitoring, and fraud intelligence tools. Hands-on experience with Active Directory (AD) attacks, privilege escalation, and lateral movement. Knowledge of MITRE ATT&CK framework, tactics, techniques, and procedures (TTPs) of financial cybercriminals. Familiarity with regulatory frameworks such as PCI DSS, SOX, GDPR, and NIST CSF. Preferred: Offensive security certifications: OSCP, OSCE, OSEP, CRTO, CISSP, GXPN, or CEH Master.
