Cyber Defense Analyst
New
IndiaFull-TimeMiddle
Salary not disclosed
Apply NowOpens the employer's application page
Job Details
- Experience
- 5+ years
- Required Skills
- AWSPythonAzure
Requirements
- 5+ years of experience in information security, ideally including direct experience in incident response, cyber defense, or security operations in a corporate or enterprise environment.
- Hands-on experience with SIEM platforms, including creating and using searches, dashboards, alerts, and investigations; experience with CrowdStrike NG-SIEM strongly preferred.
- Experience with Microsoft 365 security technologies, including Microsoft Defender XDR for email, identity, and collaboration platforms.
- Basic knowledge of networking concepts and cloud environments, including AWS and Azure.
- Foundational knowledge of Windows and macOS.
- Strong written and verbal communication skills, including clear incident documentation and the ability to communicate technical findings to non-technical stakeholders in a global environment.
- Familiarity with MITRE ATT&CK, NIST CSF, CIS Controls, or similar security frameworks is preferred.
- Basic familiarity with scripting or query languages such as PowerShell, Python, or similar to support automation and analysis is preferred.
- Experience supporting vulnerability management processes using tools such as Tenable and Wiz, including triage, validation, prioritization, and remediation tracking is preferred.
- Bachelor's Degree in Cybersecurity, Information Security, Computer Science, Information Technology, or a related field.
- CCSP, GCIH, CySA+, GSEC, SSCP or similar cybersecurity certification required.
Responsibilities
- Monitor, triage, and analyze security alerts, telemetry, and log data across enterprise security platforms, including SIEM and other detection technologies.
- Perform in-depth analysis of exploits, attacker behavior, and anomalous activity across endpoint, identity, network, cloud, and application data sources.
- Review and correlate security events in the SIEM to identify threats, validate detections, and support timely incident declaration and escalation decisions.
- Document investigative findings, response actions, and evidence throughout the incident lifecycle, and provide timely status updates to leadership and stakeholders.
- Conduct proactive threat hunting and threat research to identify emerging risks, adversary techniques, and gaps in current detection coverage.
- Contribute to detection engineering and response automation efforts that improve Cyber Defense monitoring and containment capabilities.
- Support security tooling operations by helping maintain the effectiveness, reliability, and visibility of core defensive technologies used by the Cyber Defense team.
- Assist with the development and refinement of incident response processes, playbooks, workflows, and operational procedures to improve overall Cyber Defense effectiveness.
- Communicate intrusion activity, incident details, threat trends, and recommended actions clearly to internal stakeholders and leadership.
- Partner with infrastructure teams and system owners to review vulnerability findings, help prioritize remediation, and track closure of high-risk issues.
View Full Description & ApplyYou'll be redirected to the employer's site
