Threat Analyst
New
IndiaFull-TimeMiddle
Salary not disclosed
Apply NowOpens the employer's application page
Job Details
- Experience
- 4–6 years
- Required Skills
- Python
Requirements
- 4–6 years of experience in a SOC, MDR, incident response, or cybersecurity operations role.
- Bachelor’s degree in Information Technology, Computer Science, cybersecurity, or a related field, or equivalent professional experience.
- Experience investigating endpoint and network security alerts using EDR and SIEM platforms.
- Strong understanding of ransomware attack techniques, intrusion methods, and adversary behaviors.
- Hands-on experience analyzing Windows and Linux systems, including logs, processes, and security events.
- Experience analyzing malware behavior, suspicious scripts, and performing deobfuscation techniques.
- Familiarity with adversary tactics, techniques, and the MITRE ATT&CK framework.
- Knowledge of Windows Event Logs, Linux logging, Active Directory concepts, and identity security investigations.
- Understanding of cloud security fundamentals and suspicious authentication analysis.
- Ability to analyze network traffic, including TCP/IP, DNS, and HTTP/S protocols.
- Strong scripting skills, including PowerShell and Python or other programming languages.
- Excellent documentation, communication, and investigative reporting skills.
Responsibilities
- Investigate escalated security alerts and incidents across endpoint, network, cloud, and identity environments.
- Perform detailed analysis to determine attack scope, root cause, lateral movement, persistence methods, and potential business impact.
- Support ransomware investigations by analyzing attacker behaviors, credential abuse, malware activity, and intrusion techniques.
- Analyze suspicious scripts, malware samples, and indicators of compromise through reverse engineering and deobfuscation techniques.
- Conduct proactive threat hunting activities based on threat intelligence, investigative hypotheses, and emerging attack patterns.
- Investigate suspicious authentication activity, privilege escalation attempts, and identity-related security events.
- Perform Windows and Linux system investigations, including process analysis, event log review, and system-level analysis.
- Correlate information from multiple security platforms, including EDR, SIEM, cloud logging systems, and identity solutions.
- Document investigation findings clearly and provide actionable remediation recommendations.
- Participate in rotational schedules supporting continuous monitoring and response operations.
View Full Description & ApplyYou'll be redirected to the employer's site