Senior Security Analyst

ColorTokens is seeking a skilled and detail-oriented Senior Security Analyst (L2) to join their Managed Security Operations Center (SOC) in the Greater Bengaluru Area. This role is pivotal in investigating security alerts, managing medium-to-high severity incidents, and actively contributing to threat detection and response efforts. The Senior Security Analyst will serve as a primary escalation point for L1 analysts, while also collaborating with senior team members on complex investigations and advanced response activities. The ideal candidate possesses profound technical expertise in cybersecurity, exceptional analytical abilities, and a comprehensive understanding of modern attack methodologies across both IT and OT environments. Key responsibilities include investigating and responding to security incidents, performing initial and intermediate forensic analysis on various data sources, and correlating security data from SIEM, EDR, NDR, and threat intelligence feeds. The role also involves assisting with proactive threat hunting, supporting the development and tuning of detection rules and SIEM use cases, and executing incident response playbooks. Accurate documentation of findings and participation in post-incident analysis are crucial. Collaboration with internal teams such as threat intelligence, engineering, and customer success is essential for effective incident resolution. The position also offers opportunities for knowledge sharing and mentoring junior analysts. Required skills include 5-8 years of SOC operations experience, a solid understanding of attack techniques and the MITRE ATT&CK framework, and hands-on experience with SIEM (Splunk, Microsoft Sentinel, QRadar), EDR/XDR (CrowdStrike, Microsoft Defender for Endpoint, SentinelOne), and basic NDR tools. Familiarity with SOAR platforms, Windows/Linux systems, network fundamentals, cloud environments (Azure/AWS), and scripting/querying languages (KQL, Python, Bash, PowerShell) is also necessary. A Bachelor's degree in Cybersecurity, Computer Science, or a related field (or equivalent experience) is required, with advanced certifications like GIAC, OSCP, or CISSP being preferred. The company is looking for individuals with strong problem-solving skills, excellent communication abilities, a passion for staying current with cybersecurity trends, and a collaborative, mentoring mindset.