CYBER security Analyst

Notice Period: Immediate

Employment Type: Full-time

Role: SME CyberSec Analyst (SOC / Vulnerability Management)

Experience: 7+ Years

Location: Chennai, Tamil Nadu, India

About The Role

Cortex Consultants LLC is seeking a Senior Security Operations Engineer to enhance our 24x7 Cybersecurity Operations. In this vital role, you will be instrumental in driving threat detection, incident response, and comprehensive vulnerability management. Your responsibilities will include improving monitoring capabilities, implementing automation, and elevating response maturity across our enterprise and cloud environments.

What You’ll Do

• Monitor, investigate, and respond to security alerts and incidents at L2/L3 levels.
• Lead and manage the Vulnerability Management program, encompassing asset discovery, scanning, risk-based prioritization, remediation tracking, and reporting.
• Collaborate effectively with IT and application teams to ensure timely vulnerability remediation and adherence to Service Level Agreements (SLAs).
• Develop and tune Security Information and Event Management (SIEM) use cases, correlation rules, and dashboards.
• Lead incident response efforts, including triage, containment, eradication, and recovery.
• Perform proactive threat hunting utilizing frameworks such as MITRE ATT&CK and threat intelligence.
• Integrate and analyze logs from various sources including EDR, firewalls, email security gateways, VPNs, SASE, and cloud platforms.
• Identify security control gaps and recommend strategic security improvements.
• Build and maintain playbooks, Standard Operating Procedures (SOPs), and automate workflows using Security Orchestration, Automation, and Response (SOAR) platforms or scripts.
• Participate in an on-call rotation to address critical security incidents.

Core & Must-Have Skills

• SIEM: Proficient with Splunk, Microsoft Sentinel, QRadar, or ELK for use case development and tuning.
• Incident Response & Threat Hunting: Demonstrated hands-on experience in security detection and investigation.
• Vulnerability Management (Core): Strong, end-to-end experience in the lifecycle, including asset discovery, scanning (Qualys, Rapid7, Nessus), risk-based prioritization, remediation tracking, and reporting.
• Network Security: Solid understanding of TCP/IP, DNS, HTTP, and proficiency with tools like Wireshark, Zeek, and Nmap.
• EDR & Email Security: Experience with solutions such as CrowdStrike, Defender, SentinelOne, Proofpoint, or Abnormal.
• Cloud Security: Experience with AWS, Azure, or GCP security monitoring and controls.
• Scripting/Automation: Proficiency in Python, PowerShell, or Bash.
• OS Security: Strong knowledge of Windows and Linux operating systems.
• Frameworks: Familiarity with MITRE ATT&CK, common attack vectors, and Tactics, Techniques, and Procedures (TTPs).

Good to Have Skills

• Malware analysis (static/dynamic).
• Experience with SOAR platforms and automation pipelines.
• Exposure to SASE, Data Loss Prevention (DLP), Intrusion Detection/Prevention Systems (IDS/IPS).
• Experience with digital forensics and Advanced Persistent Threat (APT) investigations.

Soft Skills

• Strong analytical and problem-solving abilities.
• Clear and effective communication with both technical and business stakeholders.
• Ability to prioritize tasks and perform effectively in high-pressure environments.
• Experience working with global and distributed teams (onshore-offshore).

Compliance & Certifications

• Familiarity with ISO 27001, GDPR, and HIPAA.
• Preferred Certifications: CISSP, CEH, GCIA, CCSE (ITIL is a plus).

Why Join Us?

• Work with cutting-edge security tooling and large-scale environments.
• Be an integral part of a global Security Operations Center (SOC) with significant visibility and impact.
• Opportunity to drive automation and modern detection engineering initiatives.

Apply now to become a key member of our rapidly expanding cybersecurity team.