Information Security Analyst

Join Guidewire Software's Security Operations Center (SOC) as a Security Analyst in Bengaluru, where you will play a vital role in safeguarding our global infrastructure. Your expertise in SIEM monitoring, incident response, networking, and cloud technologies will be crucial in detecting, investigating, and responding to security events. You will directly contribute to securing our AI-powered, cloud-delivered platform, ensuring its resilience and supporting Guidewire's mission to revolutionize the P&C insurance industry.

What you'll do

• Monitor SIEM alerts, dashboards, and security tools to identify intrusions, policy violations, and indicators of compromise across hybrid and cloud environments.
• Triage and investigate security incidents, including in-depth log analysis and packet capture interpretation, to coordinate containment, remediation, and recovery efforts.
• Utilize network and endpoint data, correlation rules, and playbooks to pinpoint root causes, assess impact, and recommend improvements to detection mechanisms and security controls.
• Collaborate with senior analysts and cross-functional teams to enhance alert fidelity, refine incident response runbooks, and strengthen access controls and reporting procedures.
• Embrace a culture of curiosity and innovation, leveraging emerging technologies and data-driven insights, including AI, to boost productivity and achieve better security outcomes.

What you'll bring

• 3-5 years of experience in security operations, intrusion analysis, SIEM monitoring, and incident response.
• A strong understanding of networking fundamentals, including TCP/IP and common protocols.
• Hands-on experience analyzing logs from security devices and web servers, and interpreting packet captures (e.g., tcpdump, Wireshark).
• Proficiency with Windows and Unix/Linux operating systems and command-line tools.
• Familiarity with network and security architecture concepts such as segmentation, proxies, VPNs, and identity providers.
• Experience with cloud incident response, particularly in AWS or GCP environments, is a plus.
• Knowledge of attack vectors, threat tactics, and attacker techniques (e.g., kill chain, MITRE ATT&CK framework) is beneficial.
• Excellent communication skills, enabling effective collaboration with both technical and non-technical stakeholders.
• A growth mindset, a strong willingness to learn, and the flexibility to work various shifts, potentially including weekends.
• Demonstrated ability to embrace AI and data-driven insights to enhance your role, drive innovation, and promote continuous improvement.

Preferred Qualifications

• Exposure to incident response for cloud-based and distributed infrastructures.
• Relevant certifications from SANS, Offensive Security, or ISC2.