Job
Description
Job Title: SOC Analyst Location: Bangalore (on site) Experience Level: 1 to 4 years The candidate must be willing to work in rotational shifts 24/7. About ColorTokens At ColorTokens , we empower businesses to stay operational and resilient in an increasingly complex cybersecurity landscape. Breaches happen but with our cutting-edge ColorTokens Xshield platform , companies can minimize the impact of breaches by preventing the lateral spread of ransomware and advanced malware. We enable organizations to continue operating while breaches are contained, ensuring critical assets remain protected. Our innovative platform provides unparalleled visibility into traffic patterns between workloads, OT/IoT/IoMT devices, and users, allowing businesses to enforce granular micro-perimeters, swiftly isolate key assets, and respond to breaches with agility. Recognized as a Leader in the Forrester Wave : Microsegmentation Solutions (Q3 2024) , ColorTokens safeguards global enterprises and delivers significant savings by preventing costly disruptions. Join us in transforming cybersecurity. Learn more at www.colortokens.com . Our culture We foster an environment that values customer focus, innovation, collaboration, mutual respect, and informed decision-making. We believe in alignment and empowerment so you can own and drive initiatives autonomously. Self-starters and highly motivated individuals will enjoy the rewarding experience of solving complex challenges that protect some of the world s impactful organizations - be it a children s hospital, or a city, or the defense department of an entire country. Company Overview: ColorTokens is a fast-growing cybersecurity product company that is redefining the way enterprises protect their digital assets. Our market-leading Xshield platform enables Zero Trust microsegmentation and real-time visibility into application traffic, ensuring robust protection against modern cyber threats. We are looking for passionate and driven individuals to join our mission in building cutting-edge security products. Job Description: Skills and Experience: 1 to 4 years of experience in Cyber Incident response and investigations. Correlate and analyze events using the Splunk/Log Rhythm/Qradar and stellar cyber SIEM tool to detect IT security incidents. Knowledge of network and endpoint security, threat intelligence, and vulnerabilities. Conduct analysis of log files, including forensic analysis of system resource access. Monitor multiple security technologies, such as SIEM, IDS/IPS, Firewalls, Switches, VPNs, networking, and other security threat data sources. Knowledge of sandbox and malware analysis. Knowledge of Cyber Kill Chain and MITRE ATT&CK frameworks functionality. Possible attack activities, such as scans, man in the middle, sniffing, DoS, DDoS, etc. and possible abnormal activities, such as worms, Trojans, viruses, etc. CCNA, CEH, CISSP, GCA, GCIA, GCIH, SANS certification would be preferable. High level of integrity, professionalism, and attention to detail Ability to communicate complex security issues to peers and management alike. A motivated, self-managed individual who can demonstrate above average analytical skills and work professionally with peers and customers even under pressure. Roles & Responsibilities: Investigate alerts, triage, deep dives, and come up with proper action items and remediation plans. Conduct investigation, containment, and other response activities with business stakeholders and groups. Compose incident analysis and find reports for management, including gap identification and recommendations for improvement. Recommend or develop new detection logic and tune existing sensors/security controls. Participate in security incident response through in-depth, technical (log, forensic, malware, packet) analysis. Provide oversight of security alert detection and analysis capabilities across multiple technologies to ensure that security incidents are identified in a timely manner. Escalate and support potential security incidents in line with appropriate processes. Support communications of potential security incidents via multiple channels. Participate in the response to potential security incidents by identifying and communicating relevant supplementary information. Identify and analyze new and emerging threats to determine impacts to G-P and provide guidelines and recommendations pertaining to opportunities to strengthen G-P security posture. Assist with information security due diligence requests as needed. Provide security recommendations to other team members, management, and business stakeholders for solutions, enhancements to existing systems, and new security tools to help mitigate security vulnerabilities and automate repeatable tasks. Conduct security reviews, perform vulnerability assessments, recommend remediation actions, and manage security policies and access controls to monitor, protect, and govern data and applications across private and cloud environments. Qualifications: Education: Bachelor s degree in information technology, Computer Science, Business, Engineering required, or equivalent experience. Certifications: Advanced certifications such as OSCP, GCIH, GSOC, or GCIA. Incident Response Experience: 1 to 4 years of experience in Cyber Incident response and investigations. Strong interpersonal skills with the ability to collaborate well with others. And, strong written, verbal and communication skills must be needed. Why Join Us? Work on a cutting-edge cybersecurity product in a fast-paced startup environment. Collaborate with a world-class team of engineers and security experts. Opportunity to learn, grow, and make a real impact from day one.
