Overview:
The Senior Information Security Analyst will be responsible for designing, implementing, and maintaining security solutions to protect the organization's data and infrastructure. This role involves managing security tools end-to-end, performing risk assessments, leading vendor proof-of-concepts (POCs), and guiding the team during critical incidents. The candidate will ensure security best practices are followed and participate in Change Management processes to maintain a secure environment.
Roles and Responsibilities:
- Design, implement, and maintain security solutions across the organization.
- Deploy new security requirements and solutions to meet evolving threats.
- Conduct risk assessments and identify vulnerabilities.
- Establish security standards and best practices aligned with organizational needs.
- Manage security tools end-to-end, including deployment, configuration, and optimization.
- Collect and normalize logs from servers, applications, firewalls, IDS/IPS, and cloud services.
- Develop advanced correlation rules for threat detection using CQL.
- Evaluate and perform vendor POCs for new security technologies.
- Lead and guide the team during critical security incidents.
- Investigate and resolve security issues promptly.
- Participate in the change management process to ensure security controls are maintained.
- Ensure compliance with regulatory and organizational security requirements.
- Develop Standard Operating Procedures (SOPs) as required.
- Communicate effectively with senior leadership, stakeholders, and the compliance team.
- Ensure systems align with security standards and organizational policies.
- Build SOAR playbooks to streamline incident response.
Required skills:
- Core experience managing information security tools such as CrowdStrike, Splunk, Tripwire, and Nessus.
- Experience conducting POCs, establishing security best practices, and deploying new information security solutions according to organizational requirements.
- Experience in vulnerability management and threat intelligence.
- Sound knowledge of the tactics, techniques, and procedures (TTPs) used by adversaries.
- Familiarity with the MITRE ATT&CK framework.
- Basic understanding of Active Directory
- Effective communication and collaboration skills.
- Demonstrated incident response skills during critical incidents.
- Moderate understanding of Windows and Linux operating systems and their command-line tools.
- Excellent problem-solving and analytical skills.
- Strong verbal and written communication skills; the candidate should be able to work directly with senior leadership when required.
- Proficiency in MS Office.
Certifications:
- Certified Ethical Hacker (CEH).
- CompTIA Security+
- Any certification related to CrowdStrike or Splunk administration.
Qualification:
- Bachelor's degree in Computer Science, Information Security, or a related field.
- 6+ years of experience: a minimum of 6 years in information security engineering, with at least 2 years in a senior role.