Associate Cybersecurity Analyst

Key Responsibilities

• Monitor and analyze security alerts from SIEM and XDR platforms, with a preference for Microsoft Defender and Microsoft Sentinel.
• Investigate and execute security incident response procedures, including containment, eradication, and recovery.
• Perform in-depth log analysis and develop/customize detection rules using Kusto Query Language (KQL).
• Conduct thorough phishing investigations and implement industry-standard email security best practices.
• Collaborate with IT and security teams to deploy preventive measures and strengthen the overall security posture.
• Apply frameworks such as MITRE ATT&CK and Cyber Kill Chain for threat modeling, analysis, and proactive threat hunting.
• Conduct health checks on Azure Virtual Machines and other Azure cloud resources.
• Generate detailed incident reports, create insightful dashboards, and provide trend analytics to stakeholders.
• Support and collaborate with the Senior Vulnerability Analyst on the end-to-end vulnerability management lifecycle across servers, endpoints, applications, and cloud workloads.
• Assist with vulnerability scanning using tools like Tenable, analyze scan results, validate true positives, and identify high-risk exposures.
• Coordinate with IT, infrastructure, and application teams to track remediation efforts and ensure vulnerabilities are addressed within defined Service Level Agreements (SLAs).
• Prioritize vulnerabilities based on severity, business impact, exploitability, and threat intelligence.
• Maintain vulnerability metrics, generate weekly/monthly reports, and escalate critical risks as necessary.
• Contribute to enhancing detection capabilities, improving configuration hygiene, and reducing the occurrence of recurring or systemic vulnerabilities.

Location

India, Bengaluru/Mumbai

Qualifications

Required Skills & Qualifications

• A Bachelor's degree in Computer Science, Information Technology, or a related field.
• 2-3 years of experience in Security Operations Center (SOC) operations or cybersecurity roles.
• Minimum of 1 year of hands-on experience with Linux/Unix OS administration and security.
• Strong working knowledge of Microsoft XDR and Microsoft Sentinel for threat detection and response.
• Proficiency in KQL for log analysis and crafting custom detection rules.
• Solid understanding of incident handling processes (containment, eradication, recovery).
• Familiarity with phishing investigation techniques and email security best practices.
• Knowledge of the MITRE ATT&CK framework, Cyber Kill Chain, and threat hunting methodologies.
• Experience in managing and securing Azure Virtual Machines.
• Exceptional analytical and problem-solving skills with meticulous attention to detail.
• Excellent communication and reporting skills for effective cross-team collaboration.

Why Join Us

• Engage with cutting-edge cybersecurity technologies.
• Thrive in a collaborative and growth-focused work environment.
• Benefit from continuous learning and professional development opportunities.