Senior Security Analyst

About the Role

We are looking for a Senior Security Analyst with extensive hands-on experience in email security, Microsoft security technologies, vulnerability management, SIEM monitoring, and incident response. The ideal candidate will possess practical experience in defending organizations against phishing, impersonation/BEC attacks, endpoint threats, and other cyber threats, while continuously enhancing the organization's security posture.

Key Responsibilities

Email Security

• Manage and optimize Proofpoint and Microsoft Defender for Office 365.
• Design and implement anti-phishing, impersonation, and BEC protection policies.
• Investigate user-reported phishing emails, perform header and URL analysis, and execute remediation.
• Identify emerging email-based attack patterns and implement preventive controls.

Microsoft Security & Identity

• Secure Exchange Online, Microsoft Entra ID, and Microsoft 365 environments.
• Implement and manage Conditional Access policies, identity protection policies, and authentication security controls.
• Support the implementation of Zero Trust security architecture.

Vulnerability Management

• Perform vulnerability scanning and remediation for Windows servers, Linux servers, and endpoints.
• Utilize tools like Tenable or Qualys to identify, prioritize, and track vulnerabilities.
• Collaborate with infrastructure teams for timely remediation and validation.

Endpoint Security

• Investigate alerts from EDR solutions such as Sophos or Microsoft Defender for Endpoint.
• Analyze endpoint threats and coordinate containment and remediation actions.

SIEM & Security Monitoring

• Monitor and manage SIEM platforms including Microsoft Sentinel, Wazuh, or similar.
• Develop and tune detection rules, alerts, and dashboards.
• Perform log analysis, threat detection, and investigation of security alerts.

Incident Response & Forensics

• Participate in security incident response and digital forensic investigations.
• Conduct root cause analysis and propose security improvements.

Risk & Third-Party Security

• Conduct security risk assessments across infrastructure and applications.
• Perform third-party/vendor security assessments and identify potential risks.

Qualifications

Mandatory Skills

• 5+ years of experience in cybersecurity or security operations, preferably in enterprise environments.
• Strong hands-on experience managing email security platforms like Proofpoint and Microsoft Defender for Office 365, including protection against phishing, impersonation, and BEC attacks.
• Experience securing Microsoft environments including Exchange Online, Microsoft Entra ID, and Microsoft 365 security controls, such as Conditional Access and identity protection policies.
• Hands-on experience investigating endpoint threats using EDR platforms like Sophos or Microsoft Defender for Endpoint.
• Experience performing vulnerability management using Tenable or Qualys, including analysis, prioritization, and remediation tracking for Windows, Linux, and endpoint systems.
• Hands-on experience with SIEM platforms such as Microsoft Sentinel, Wazuh, or similar, including log analysis, alert investigation, and detection rule tuning.
• Experience investigating security incidents and performing root cause analysis involving phishing attacks, endpoint compromises, or suspicious authentication activity.
• Good understanding of Zero Trust architecture principles and enterprise security implementations.
• Strong knowledge of Windows and Linux security fundamentals.

Good to Have

• Security certifications such as CISSP, CISM, CEH, SC-200, or SC-300.
• Experience with cloud security (Azure or AWS).
• Experience with security automation or scripting (Python, PowerShell, Bash).
• Knowledge of security frameworks like NIST, ISO 27001, or CIS Controls.