Senior Security Operations Analyst

Who are we?

Roles and Responsibilities

• Threat Research - Research on new ATP's, Threats, identifying the new indicators of compromise (IOC's), Tactics, Techniques and Procedures (TTP's).
• Responsible for end-to-end security incident triage. Working with respective teams providing contextual information for security incident remediation.
• Recommend fine tuning and configuration changes to Security platforms which will improve the accuracy of detections and bring down the false positives
• Experience in creation and integration of playbooks and custom parsers for SOC tools
• Develop and maintain incident response play books and for continuous service improvements
• Analyse monthly Security reports from the platforms and vendors to identify trends and vulnerabilities within the infrastructure
• Conduct computer, network forensic investigation functions and malware analysis to determine the target
• Coordinate efforts with globally dispersed teams.
• Document decisions regarding technology choices, best practices and process.
• Contribute to architectural conversations and plans.
• Collaborate with engineers and development teams to integrate security practices into the CI/CD pipeline and automate security processes.
• Being on-call and providing after hours response.
• Subject matter expert in security audits and compliance assessments to ensure adherence to industry regulations (e.g., GDPR, HIPAA, SOC, ISO) and internal security requirements.
• Lead the creation of comprehensive security documentation and training materials for both technical and non-technical audiences.
• Lead collaborations with developers and engineers to simulate realistic cyber-attack scenarios aimed at identifying vulnerabilities in the applications and infrastructure.
• Provide the oversight of third-party Security Operations Center (SOC), and second-level incident investigation and triage.
• Mentor and guide junior security engineers, fostering their technical growth and professional development.
• Take lead to create documentation and training materials for Security Operations.

Education & experience

• Professional degree in Computer Science from a reputed college with consistent academic record
• 6+ years of experience in cybersecurity, with significant time spent in security operations.
• Expert knowledge of advanced cyber threats, attack methodologies, and countermeasures.
• Proficiency in SIEM, IDS/IPS, forensic tools, and threat intelligence platforms.
• Hands-on experience in security systems, including EDR, firewalls, intrusion detection systems, anti-virus software, authentication systems, log management, content filtering, etc
• Strong expertise in incident response, threat hunting, and malware analysis
• Ability to discuss and articulate Security Frameworks, Technologies and Best practises
• Support Security Analysts to provide additional subject matter expertise
• Proven Experience with SIEM, EDR, IDS/IPS and network forensic tools
• Experience in handling Security Events, Incidents, Breaches and Zero days
• Exhibit good judgement in managing workload, including when to communicate project risks.
• In-depth understanding of cybersecurity principles, practices, and methodologies.
• Familiarity with common cyber threats, attack vectors, and vulnerabilities.
• Experience securing cloud environments, such as AWS, Azure, or Google Cloud.
• Proficient with incident response procedures and best practices.
• Knowledge of cryptographic protocols and key management.
• Proficiency in scripting languages (e.g., Python, PowerShell) to automate security tasks.
• Dedication to staying updated with the latest security trends, tools, and techniques.
• Proficiency in creating clear and comprehensive security documentation, reports, and procedures.
• Familiarity with relevant regulations (GDPR, HIPAA, etc.) and industry standards (ISO 27001, NIST).
• Excellent verbal and written English skills to collaborate with cross-functional teams and convey security concepts to non-technical stakeholders.
• Experience with common security tools, such as Burp/ZAP, Nessus, Kali Linux, etc.
• Experience with Threat Modelling and Vulnerability Management Tools
• Security certifications such as GCIH, GCIA, CASP or GCFA.

About our culture