Senior Security Analyst
Location: Bengaluru, Karnataka, India (On-Site)
About GlobalGuard
GlobalGuard is a global cybersecurity company focused on delivering modern protection at scale. We help organisations protect critical communications, data, and cloud environments against rapidly evolving cyber threats, without adding complexity or slowing the business down.
Our solutions integrate cleanly into existing platforms and are used by organisations operating in regulated and high-risk environments worldwide.
MailGuard is GlobalGuard's cloud-based email security SaaS platform. It protects everyday business communications by preventing advanced email-borne threats before they disrupt operations or compromise trust.
MailGuard combines Secure Email Gateway (SEG) and Integrated Cloud Email Security (ICES) capabilities to strengthen native protections in platforms such as Microsoft 365. Originally established in 2001, MailGuard has continuously evolved to address zero-day threats and modern social engineering attacks, helping organisations reduce risk and keep email secure and reliable.
The opportunity
As a Senior Security Analyst in our 24/7 Security Operations Centre (SOC), you will act as an escalation point for complex investigations and help improve detection and response workflows. You will lead outbreak investigations, contribute to detection tuning and analytics, and support high-quality customer outcomes. This is a shift-based role: you will participate in a rotating 24x7 shift roster once fully trained.
What you will do
- Maintain continuous monitoring of email security detections and customer-reported messages, ensuring timely triage and accurate classification
- Perform deep inspection of headers, sender infrastructure, URLs, attachments, authentication results, and mail flow artifacts to determine intent and impact
- Lead major email security incidents and outbreak investigations, including scoping, containment, eradication, and structured handovers across shifts
- Own or contribute to root cause analysis, post-incident reporting, and corrective and preventative actions
- Contribute to the development and refinement of detection rules, filters, and automation workflows to improve efficacy and reduce noise
- Produce trend and predictive analytics across spam and phishing volumes, outbreak indicators, and recurring infrastructure
- Develop and deliver operational reporting on threat trends, detection efficacy, and workload drivers
- Support client communications as required, including incident summaries and evidence-backed remediation guidance
- Maintain high-quality case notes and evidence for traceability and consistent execution across shifts
- Mentor analysts, uplift investigation quality, and drive consistent playbook execution
What you will bring
- 8+ years of security operations experience with demonstrated incident investigation and response capability
- Solid understanding of email security concepts and attacker techniques, including phishing, BEC, malware delivery, and campaign infrastructure
- Hands-on experience investigating emails, including header analysis, URL and attachment investigation, and authentication controls such as SPF, DKIM, and DMARC
- Experience tuning detections, reducing false positives, and improving operational processes in a high-volume environment
- Strong written and verbal communication skills, including clear documentation and collaboration in English across technical and non-technical stakeholders
- Working knowledge of core Internet protocols and services, including TCP/IP, SMTP, HTTP, DNS and TLS, plus strong familiarity with open-source tooling and platforms such as Git, Postfix/Sendmail and web servers
- Scripting or data skills (Python, PowerShell, SQL) to support enrichment, automation, and reporting
- Familiarity with threat intelligence sources, IOC workflows, sandboxing, or malware analysis techniques
- Experience working with product and engineering teams to improve security controls and observability
Why GlobalGuard
- Operate at the front line of modern email security and work on problems that matter
- Lead investigations, shape detection improvements, and raise operational maturity
- A practical, outcomes-focused culture that values learning, calm execution, and continuous improvement
How to apply
Apply via LinkedIn with your CV and a short note on your most relevant SOC investigations, the tools you have used, and examples of how you improved detection quality or reduced operational noise.
GlobalGuard is an equal opportunity employer. We welcome applicants from all backgrounds.