Information Security Analyst

Join our Enterprise Security team as an Information Security Analyst and play a hands-on role in defending the enterprise against real-world threats. If you enjoy solving security problems, diving deep into alerts, building detections, and proactively hunting threats, this role is for you. You'll work in a modern SOC environment with advanced SIEM, XDR, email security, and cloud platforms, contributing directly to strengthening our security posture.

The Core Responsibilities For The Job Include The Following

Security Monitoring and Incident Response:

• Monitor and investigate alerts across SIEM, XDR, IDS/IPS, and email security tools.
• Own incident response end-to-end: triage, containment, RCA, and reporting.
• Improve and maintain IR playbooks and runbooks.
  
  

Threat Hunting And Intelligence

• Run hypothesis-based threat hunts using TTPs, IOCs, and behavioral patterns.
• Bring OSINT and threat intel insights into daily SOC workflows.
• Monitor the dark web for leaked credentials and data exposure.
  
  

Detection Engineering And Automation

• Build and tune high-quality detections using MITRE ATT& CK and CK
• Enhance SIEM dashboards, correlation rules, and SOAR automations.
• Reduce false positives and improve SOC efficiency.
  
  

Network, Email, And Cloud Security

• Analyze network traffic, packet captures, and protocol behaviors.
• Support NGFW- and WAF-based defenses.
• Investigate phishing attempts and strengthen email security.
  
  

Log Engineering And Purple Teaming

• Onboard/validate log sources and ensure telemetry completeness.
• Use Linux, scripts, and APIs for log testing and troubleshooting.
• Purple teaming to validate detections and test defenses.
  
  

Requirements

• 2+ years experience in SOC, IR, threat detection, or blue team operations.
• Hands-on experience with SIEM/XDR (preferably Google SecOps) platforms and alert analysis.
• Strong understanding of email security, EDR, networks, and cloud basics.
• Familiarity with MITRE ATT& CK and CK, cyber kill chain, and IOC/BIOC creation.
• Comfortable with Linux, scripting fundamentals, and API tools (Postman).
  
  

Preferred Certifications

• Google Professional Security Operations Engineer.
• APIsec University - API Pen Testing.
• SOC/IR, EDR, or cloud security certifications (any).
  
  

Soft Skills That Matter

• Clear communicator with strong documentation discipline.
• Calm under pressure, especially during active incidents.
• Curious, detail-oriented, and always eager to learn.
  
  

Must-Have Skills

• 2+ years in SOC/IR, threat detection, or blue team operations.
• Hands-on with SIEM/XDR (ideally Google SecOps), alert triage, and investigation.
• Strong basics in email security, EDR, networks, and cloud.
• Experience with incident response (triage, containment, and RCA reporting).
• Threat hunting using TTPs/IOCs and familiarity with MITRE ATT& CK.
• Ability to build/tune detections and reduce false positives.
• Linux fundamentals, basic scripting, and API tools (Postman).
• Log onboarding/validation and basic purple team validation.
• Strong communication, documentation, and calmness during incidents
  
  

Good-to-Have Skills

• Certifications: Google SecOps Engineer, APIsec, SOC/IR/Cloud certs.
• Experience with SOAR automation, SIEM dashboarding, and correlation logic.
• NGFW/WAF exposure and network packet analysis.
• Dark web monitoring and adversarial simulation experience.
• Strong scripting (Python/Bash/PowerShell) for automation.
• Additional cloud security hands-on and IAM familiarity.
  
  

This job was posted by Sudeshna Mohanty from ZEE - Technology & Innovation.