Senior Security Analyst - SOC
Role Overview
We are seeking an experienced Senior Security Analyst for our Security Operations Center (SOC) in Bengaluru. This role is responsible for managing and optimizing SIEM operations, conducting attack surface monitoring, and supporting cyber insurance risk assessment and tracking. The ideal candidate will possess deep expertise in security monitoring, threat detection, and risk quantification to protect organizational assets. We are looking for a proactive, detail-oriented security professional with strong analytical skills, experience in threat intelligence, and proficiency with modern security operations tools. Expertise in security event correlation, incident investigation, and risk assessment methodologies is essential.
Key Responsibilities
- Monitor and analyze security events and alerts in real time using the SIEM platform to identify patterns and potential threats across enterprise infrastructure.
- Investigate security incidents, conduct root cause analysis, and provide detailed incident reports with remediation recommendations.
- Configure, tune, and optimize SIEM rules, dashboards, and alerts to improve detection accuracy and reduce false positives.
- Utilize an attack surface management platform to identify external vulnerabilities, exposed assets, and emerging threats targeting the organization.
- Track and report on attack surface findings, including exposed credentials, data leaks, domain takeover risks, and other externally visible exposures.
- Support cyber insurance risk assessment and tracking by providing security posture metrics, vulnerability reports, and compliance status.
- Develop and maintain cyber insurance risk dashboards showcasing organizational security metrics and insurance-relevant KPIs.
- Coordinate with the incident response team to manage critical security incidents and oversee remediation efforts.
- Maintain documentation of security procedures, incident timelines, and lessons learned for continuous improvement.
- Prepare security reports and metrics for management and insurance providers regarding security posture and risk levels.
Required Skills and Competencies
- Expert-level proficiency with SIEM platforms, including installation, configuration, rule development, and alert optimization.
- Hands-on experience with attack surface management platforms and threat intelligence feeds.
- Strong understanding of security event correlation, threat detection techniques, and incident investigation methodologies.
- Knowledge of cyber insurance requirements, compliance standards (ISO 27001, SOC 2, NIST), and risk quantification methodologies.
- Proficiency in SIEM rule writing, query languages, and log analysis, including parsing JSON and text logs with SQL and regular expressions.
- Understanding of network security, endpoint security, and cloud security monitoring concepts.
- Ability to create dashboards and reports for security metrics and KPIs.
- Strong analytical and problem-solving skills with meticulous attention to detail.
- Excellent written and verbal communication skills for effective stakeholder reporting.
- Experience with incident response procedures and coordination with response teams.
- Familiarity with threat intelligence sources and vulnerability databases.
- Knowledge of web application security, API security, and common attack vectors.
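The two skills the posting leans on most, SIEM rule tuning to cut false positives (Key Responsibilities) and log analysis across JSON and text formats with regular expressions (Required Skills), are easier to judge in a candidate with a concrete rule in hand. The following is an added example written for this page, not code from the employer or from any SIEM vendor: it normalises constructed JSON and syslog-style authentication events into one schema, runs a "many failures then a success from the same source inside a time window" correlation rule, and shows allow-listing a known-good source as the tuning step. Host names, addresses, field names and the `SYSLOG_YEAR` assumption are all constructed for the sample.

```python
"""Added example, not from the job posting: a small SIEM-style correlation rule
over constructed auth events, with allow-list tuning to suppress a known false
positive. Field names, hosts, IPs and the missing-year assumption are all made up."""
import json
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta, timezone

# Constructed sample telemetry (not real logs). Source 203.0.113.7 sprays five
# users then logs in; 10.0.0.5 is an authorised scanner that does the same;
# 198.51.100.3 fails slowly (outside the window) before a success; the last
# line is garbage the parser must skip.
SAMPLE_LOGS = """\
{"ts":"2024-05-01T10:00:01Z","host":"vpn-gw1","event":"auth_fail","user":"alice","src":"203.0.113.7"}
{"ts":"2024-05-01T10:00:05Z","host":"vpn-gw1","event":"auth_fail","user":"bob","src":"203.0.113.7"}
{"ts":"2024-05-01T10:00:09Z","host":"vpn-gw1","event":"auth_fail","user":"carol","src":"203.0.113.7"}
{"ts":"2024-05-01T10:00:12Z","host":"vpn-gw1","event":"auth_fail","user":"dave","src":"203.0.113.7"}
{"ts":"2024-05-01T10:00:15Z","host":"vpn-gw1","event":"auth_fail","user":"erin","src":"203.0.113.7"}
{"ts":"2024-05-01T10:00:20Z","host":"vpn-gw1","event":"auth_success","user":"erin","src":"203.0.113.7"}
{"ts":"2024-05-01T10:05:00Z","host":"vpn-gw1","event":"auth_fail","user":"svc-scan","src":"10.0.0.5"}
{"ts":"2024-05-01T10:05:01Z","host":"vpn-gw1","event":"auth_fail","user":"svc-scan","src":"10.0.0.5"}
{"ts":"2024-05-01T10:05:02Z","host":"vpn-gw1","event":"auth_fail","user":"svc-scan","src":"10.0.0.5"}
{"ts":"2024-05-01T10:05:03Z","host":"vpn-gw1","event":"auth_fail","user":"svc-scan","src":"10.0.0.5"}
{"ts":"2024-05-01T10:05:04Z","host":"vpn-gw1","event":"auth_fail","user":"svc-scan","src":"10.0.0.5"}
{"ts":"2024-05-01T10:05:05Z","host":"vpn-gw1","event":"auth_success","user":"svc-scan","src":"10.0.0.5"}
May  1 11:00:00 vpn-gw1 sshd[4242]: Failed password for invalid user root from 198.51.100.3 port 50111 ssh2
May  1 11:00:30 vpn-gw1 sshd[4242]: Failed password for invalid user admin from 198.51.100.3 port 50112 ssh2
May  1 11:01:00 vpn-gw1 sshd[4242]: Failed password for frank from 198.51.100.3 port 50113 ssh2
May  1 11:01:30 vpn-gw1 sshd[4242]: Failed password for frank from 198.51.100.3 port 50114 ssh2
May  1 11:02:00 vpn-gw1 sshd[4242]: Failed password for frank from 198.51.100.3 port 50115 ssh2
May  1 11:02:10 vpn-gw1 sshd[4242]: Accepted password for frank from 198.51.100.3 port 50116 ssh2
not-a-log-line
"""

# Fallback normaliser for the classic OpenSSH text format (no JSON).
SYSLOG_RE = re.compile(
    r"^(?P<mon>\w{3})\s+(?P<day>\d{1,2}) (?P<time>\d{2}:\d{2}:\d{2}) "
    r"(?P<host>\S+) sshd\[\d+\]: (?P<result>Failed|Accepted) password for "
    r"(?:invalid user )?(?P<user>\S+) from (?P<src>[\d.]+) port \d+"
)
MONTHS = {m: i for i, m in enumerate(
    ["Jan", "Feb", "Mar", "Apr", "May", "Jun", "Jul", "Aug", "Sep", "Oct", "Nov", "Dec"], 1)}
SYSLOG_YEAR = 2024  # syslog lines carry no year; assumed for the constructed sample


def parse_line(line):
    """Normalise one JSON or syslog line into {ts, host, event, user, src}; None if unparseable."""
    line = line.strip()
    if not line:
        return None
    if line.startswith("{"):
        try:
            d = json.loads(line)
            ts = datetime.fromisoformat(d["ts"].replace("Z", "+00:00"))
            return {"ts": ts, "host": d["host"], "event": d["event"],
                    "user": d["user"], "src": d["src"]}
        except (ValueError, KeyError):
            return None
    m = SYSLOG_RE.match(line)
    if not m:
        return None
    hh, mm, ss = map(int, m["time"].split(":"))
    ts = datetime(SYSLOG_YEAR, MONTHS[m["mon"]], int(m["day"]), hh, mm, ss, tzinfo=timezone.utc)
    event = "auth_fail" if m["result"] == "Failed" else "auth_success"
    return {"ts": ts, "host": m["host"], "event": event, "user": m["user"], "src": m["src"]}


def parse_logs(text):
    """Parse a block of mixed-format lines, silently dropping lines that do not normalise."""
    return [e for e in (parse_line(l) for l in text.splitlines()) if e is not None]


def run_rule(events, threshold=5, window_seconds=60, allowlist=frozenset()):
    """Correlation rule: at least `threshold` failures from one source within
    `window_seconds`, followed by a success from that same source.
    `allowlist` is the tuning knob: sources on it (e.g. an authorised scanner)
    never fire, so the global threshold need not be loosened for everyone else."""
    window = timedelta(seconds=window_seconds)
    fails = defaultdict(deque)  # src -> deque of (ts, user) for recent failures
    alerts = []
    for e in sorted(events, key=lambda ev: ev["ts"]):
        src, q = e["src"], fails[e["src"]]
        if e["event"] == "auth_fail":
            q.append((e["ts"], e["user"]))
            continue
        if e["event"] != "auth_success":
            continue
        while q and e["ts"] - q[0][0] > window:  # drop failures older than the window
            q.popleft()
        if len(q) >= threshold and src not in allowlist:
            alerts.append({"src": src, "host": e["host"], "ts": e["ts"].isoformat(),
                           "failures": len(q), "distinct_users": len({u for _, u in q}),
                           "success_user": e["user"]})
        q.clear()  # a success resets the counter either way
    return alerts


if __name__ == "__main__":
    evs = parse_logs(SAMPLE_LOGS)
    print("untuned:", run_rule(evs))
    print("tuned:  ", run_rule(evs, allowlist=frozenset({"10.0.0.5"})))
```

Run untuned, the rule fires twice (the attacker and the scanner); with the scanner allow-listed it fires once, and the slow source never fires because its failures age out of the window before the success arrives. That is the shape of the tuning work the posting describes: narrow a known false positive by context (source, host, account class) rather than by raising the threshold for the whole estate.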
Preferred Certifications
- GIAC Security Essentials (GSEC) or Certified Incident Handler (GCIH)
- CompTIA Security+ or CEH (Certified Ethical Hacker)
- SIEM platform certification, vendor-specific SIEM training, or equivalent hands-on experience
- SANS certifications in log analysis, incident handling, or security management
- Threat Intelligence Platform (TIP) certifications or hands-on experience
