Senior Security Analyst

Gruve
Pune | 4-9 LPA | Posted 30 Jul 2025
FULL TIME
Splunk
Siem
Qradar
Incident Response
Threat Hunting

Job Description

Position Summary

We are seeking a skilled Senior Security Analyst to join our Security Operations Center (SOC) team. This individual will play a critical role in incident response, threat hunting, log and event analysis, and mentoring junior analysts. The ideal candidate will act as a Subject Matter Expert (SME), manage complex security incidents, and ensure SOC operations run effectively in alignment with organizational security goals and compliance requirements.

Key Responsibilities

Incident Response & Management

  • Lead investigations for high-severity security incidents and breaches.
  • Provide expert analysis for escalated incidents from L1 and L2 analysts.
  • Develop, execute, and continuously improve incident response procedures.
  • Ensure appropriate escalation and stakeholder communication during incidents.

Threat Hunting & Analysis

  • Proactively hunt for threats using SIEM tools such as Splunk and QRadar.
  • Leverage threat intelligence to detect emerging threats and vulnerabilities.
  • Analyze security data for trends, anomalies, and indicators of compromise.

Security Tool Management

  • Manage and optimize tools such as SIEM (Splunk/QRadar), IDS/IPS, EDR.
  • Tune detection rules and reduce false positives.
  • Evaluate and recommend new security tools to enhance SOC effectiveness.

Log & Event Analysis

  • Analyze logs from endpoints, servers, network devices, and cloud environments.
  • Ensure accurate log collection, correlation, and retention.
  • Provide in-depth analysis and generate actionable security reports.

Vulnerability Management

  • Conduct vulnerability scans and prioritize remediation tasks.
  • Work with IT and DevOps teams to patch systems and address weaknesses.

Collaboration & Escalation

  • Act as the escalation point for junior SOC team members.
  • Collaborate with internal and external security stakeholders (e.g., MSSPs).
  • Work with other security domains to ensure a unified defense strategy.

Security Policies & Best Practices

  • Enforce security policy compliance and contribute to improvements.
  • Conduct security awareness sessions for SOC and broader teams.

Reporting & Documentation

  • Maintain detailed incident logs, root cause analyses, and threat reports.
  • Prepare regular security posture reports for management and compliance teams.

Continuous Improvement

  • Evaluate SOC operations and recommend enhancements to workflows, playbooks, and technology stacks.
  • Stay current with evolving threats, attack vectors, and detection techniques.
  • Participate in simulations, tabletop exercises, and red/blue teaming initiatives.

Compliance & Regulatory Requirements

  • Ensure SOC practices align with standards like GDPR, HIPAA, PCI DSS.
  • Support audits, documentation, and reporting aligned with SLAs and compliance requirements.

Mentoring & Training

  • Guide and upskill L1 and L2 analysts.
  • Share insights on advanced threat detection, forensic techniques, and response strategies.

Basic Qualifications

  • Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field.
  • 5+ years of experience in SOC operations or cybersecurity.
  • Deep understanding of SIEM platforms, security monitoring, and incident response.
  • Strong communication, analytical, and troubleshooting skills.
  • Familiarity with IT infrastructure, networking, and security concepts.

Preferred Qualifications

  • Relevant certifications: ECIH, GCIH, CISM, CISSP, etc.
  • Certified in Splunk or equivalent SIEM platform.
  • Hands-on experience with EDR, XDR, DLP, WAF, proxy, email security tools.
  • Exposure to cloud platforms like AWS, Azure, or GCP.
  • Ability to thrive in 24x7 SOC environments and rotating shifts.