
Security Operations Analyst
Qualifications & Requirements
Experience Level: Mid Level
Full Job Description
As a Security Operations Analyst within Enterprise Information Technology at ZS Associates, you will be instrumental in managing and enhancing our security posture. Your core responsibilities will include the day-to-day operations of Microsoft Sentinel, encompassing rule creation, log ingestion, data analytics, and alert triaging. You will develop and fine-tune detection rules, use cases, and analytics within Sentinel to bolster our threat visibility and detection capabilities.
Leveraging Wiz Defend, you will detect and respond to runtime threats across cloud workloads and Kubernetes environments in real-time. This involves continuously monitoring and investigating alerts generated by Wiz Defend to refine threat detection, triage, and incident response processes. Proactive threat hunting to identify and mitigate advanced threats is also a key aspect of this role. You will conduct in-depth incident investigations and coordinate response efforts to ensure swift and effective remediation.
Collaboration is crucial; you will work closely with internal stakeholders and the Threat Intelligence team to identify and mitigate potential security threats. Generating reports and dashboards to communicate SOC performance metrics and the overall security posture to leadership is expected. A commitment to continuously improving SOC processes and playbooks to streamline operations and response efforts is essential. Furthermore, you will mentor junior SOC analysts and provide guidance on security best practices.
This role requires participation in a rotational shift schedule. Flexibility and availability to respond to urgent incidents outside of assigned shifts, as needed, are necessary.
What You'll Bring:
- Strong analytical and problem-solving abilities.
- Excellent communication and interpersonal skills for effective cross-functional collaboration.
- Proven ability to remain calm and efficient in high-pressure environments.
- Proficiency in SIEM tools, particularly Microsoft Sentinel.
- Experience with data migration strategies across SIEM platforms.
- Experience with Cloud Security Operations and Incident Response platforms like Wiz.
- In-depth understanding of cyber threats, vulnerabilities, and attack vectors.
- Proficiency in creating KQL queries and custom alerts within Microsoft Sentinel.
- Expertise in developing SIEM use cases and detection rules.
- Fluency in English.
- Client-first mentality, a strong work ethic, and a collaborative, problem-solving spirit.
How You'll Grow:
ZS Associates offers opportunities for cross-functional skills development and custom learning pathways. You'll benefit from milestone training programs aligned with career progression and internal mobility paths that empower growth through s-curves, individual contribution, and role expansions.
Company
ZS Associates (India) Pvt Ltd
ZS Associates is a leading global professional services firm serving the life sciences industry. We combine a deep understanding of pharmaceuticals, biotechnology, and medical devices with advanced an...