SME Cyber Security Analyst (SOC & Vulnerability Management)

Job Title: SME Cyber Security Analyst (SOC & Vulnerability Management)

Location: Chennai (Hybrid)

Employment Type: Full-Time

Experience Required: 6–10 Years

Notice Period: Immediate Joiners Preferred (Within 2 Weeks)

Job Summary

We are seeking an experienced SME Cyber Security Analyst with strong expertise in Vulnerability Management, Security Operations, Incident Response, and Threat Hunting. The ideal candidate must have extensive hands-on experience managing the complete vulnerability lifecycle, including asset discovery, vulnerability assessments, risk-based prioritization, remediation tracking, stakeholder coordination, and executive reporting. This role will play a critical part in strengthening the organization's security posture through proactive risk identification and mitigation.

Core Requirements

• Strong hands-on experience in Vulnerability Management (Mandatory).

• Expertise in managing the complete vulnerability management lifecycle, including asset discovery, vulnerability scanning, risk assessment, prioritization, remediation tracking, validation, and reporting.

• Hands-on experience with vulnerability assessment tools such as Qualys, Rapid7 InsightVM, Tenable Nessus, or similar platforms.

• Experience driving remediation efforts with infrastructure, application, cloud, and business teams while ensuring SLA compliance.

• Ability to analyze vulnerabilities, determine business risk, identify compensating controls, and provide remediation recommendations.

• Strong understanding of CVSS scoring, risk-based vulnerability prioritization, and vulnerability governance.

• Experience creating vulnerability metrics, dashboards, and executive-level reporting.

Additional Required Skills

• SIEM Platforms: Splunk, Microsoft Sentinel, QRadar, or ELK.

• Incident Response and Threat Hunting.

• Network Security fundamentals including TCP/IP, DNS, HTTP, and HTTPS.

• EDR Platforms such as CrowdStrike, Microsoft Defender, and SentinelOne.

• Email Security solutions such as Proofpoint and Abnormal Security.

• Cloud Security monitoring and controls across AWS, Azure, and GCP.

• Scripting and automation using Python, PowerShell, or Bash.

• Strong Windows and Linux security administration knowledge.

• MITRE ATT&CK framework and threat intelligence expertise.