Threat Analyst

New
IndiaFull-TimeMiddle
Salary not disclosed
Apply NowOpens the employer's application page

Job Details

Experience
4–6 years
Required Skills
Python

Requirements

  • 4–6 years of experience in a SOC, MDR, incident response, or cybersecurity operations role.
  • Bachelor’s degree in Information Technology, Computer Science, cybersecurity, or a related field, or equivalent professional experience.
  • Experience investigating endpoint and network security alerts using EDR and SIEM platforms.
  • Strong understanding of ransomware attack techniques, intrusion methods, and adversary behaviors.
  • Hands-on experience analyzing Windows and Linux systems, including logs, processes, and security events.
  • Experience analyzing malware behavior, suspicious scripts, and performing deobfuscation techniques.
  • Familiarity with adversary tactics, techniques, and the MITRE ATT&CK framework.
  • Knowledge of Windows Event Logs, Linux logging, Active Directory concepts, and identity security investigations.
  • Understanding of cloud security fundamentals and suspicious authentication analysis.
  • Ability to analyze network traffic, including TCP/IP, DNS, and HTTP/S protocols.
  • Strong scripting skills, including PowerShell and Python or other programming languages.
  • Excellent documentation, communication, and investigative reporting skills.

Responsibilities

  • Investigate escalated security alerts and incidents across endpoint, network, cloud, and identity environments.
  • Perform detailed analysis to determine attack scope, root cause, lateral movement, persistence methods, and potential business impact.
  • Support ransomware investigations by analyzing attacker behaviors, credential abuse, malware activity, and intrusion techniques.
  • Analyze suspicious scripts, malware samples, and indicators of compromise through reverse engineering and deobfuscation techniques.
  • Conduct proactive threat hunting activities based on threat intelligence, investigative hypotheses, and emerging attack patterns.
  • Investigate suspicious authentication activity, privilege escalation attempts, and identity-related security events.
  • Perform Windows and Linux system investigations, including process analysis, event log review, and system-level analysis.
  • Correlate information from multiple security platforms, including EDR, SIEM, cloud logging systems, and identity solutions.
  • Document investigation findings clearly and provide actionable remediation recommendations.
  • Participate in rotational schedules supporting continuous monitoring and response operations.
View Full Description & ApplyYou'll be redirected to the employer's site
View details
Apply Now