Senior IT Security Analyst - Vulnerability Assessment

Description : Role : Senior IT Security AnalystDomain : : 8 - 13 YearsLocation : Pune (5 Days working from Office)Must-Haves : - The candidate must possess hands-on expertise across a wide range of cybersecurity tools and technologies.- Looking for L3 resource- Hands on Experience including threat hunting, threat detection, and threat intelligence.- Strong experience with CrowdStrike, vulnerability management, and handling security incidents, phishing incidents, and high-level incident response is required.- The role also demands proficiency in SIEM log source onboarding,- fine-tuning detection rules, developing detection logic, and using KQL for advanced security analytics and monitoring.Required Skills : - Significant experience in SOC, CERT, or CSIRT environments, with expertise in SIEM administration, threat hunting, detection engineering, and incident response.- Strong expertise in configuring, optimizing, and maintaining Microsoft security products, including Sentinel, Defender for Cloud, Endpoint, Identity, Office 365, Exchange, and Azure Active Directory.- Proficiency in log sources onboarding in SIEM, log management, developing consolidated security dashboards and developing Playbook to support continuous monitoring.- Proficiency in creating and simulating hypothetical threat scenarios to anticipate and combat potential attack vectors.- In-depth understanding and practical application of the MITRE ATT&CK framework for mapping detection rules and identifying attacker tactics, techniques, and procedures (TTPs).- Practical knowledge of security technologies, including firewalls, IDS/IPS, SIEM, endpoint detection, anti-malware, and vulnerability assessment tools.- Solid understanding of networks, cloud infrastructures, operating systems (Windows, Linux),and evolving cyberattack methods.- Experience in correlating threat intelligence feeds with detection engineering to identify and mitigate advanced threats.- Proven ability to analyze large volumes of security logs and data to craft precise, high-fidelity detection rules while reducing false positives.- Excellent communication and collaboration skills to effectively share findings and work with cross-functional teams.- Passionate about proactive cybersecurity measures, with a strong desire to stay updated one merging threats and technologies.About the Role : We are looking for a Senior IT Security Analyst (L3) to strengthen our cybersecurity operations. The role requires strong hands-on experience in threat hunting, incident response, and detection engineering, along with proficiency in KQL for advanced security analytics. The ideal candidate will be experienced in SIEM (Microsoft Sentinel) and capable of developing detection logic, fine-tuning rules, and proactively identifying and mitigating advanced threats in a SOC/CERT environment.Role and Responsibilities : A. Incident Response and Collaboration : - Collaborate with SOC, CERT, or CSIRT teams for effective incident monitoring and response.- Investigate and respond to cybersecurity incidents, including forensic analysis of attack patterns.B. SIEM Administration : - Provide ongoing support for SIEM Architecture, ensuring efficient log ingestion, parsing, and normalization to enhance threat visibility and detection capabilities.- Designed and customized automated playbooks and interactive dashboards in SIEM to meet specific security monitoring and incident response requirements.C. Threat Intelligence Analysis : - Gather, process, and analyze threat intelligence feeds to identify emerging threats.- Proactively communicate relevant threat scenarios and provide actionable insights.D. Threat Detection Development : - Develop and fine-tune advanced KQL queries and analytics rules in Microsoft Sentinel to detect sophisticated attack vectors.- Build and test hypothetical threat scenarios to enhance threat detection capabilities.- Optimize detection systems to minimize false positives and maximize precision.E. Incident Response and Collaboration : - Collaborate with SOC, CERT, or CSIRT teams for effective incident monitoring and response.- Investigate and respond to cybersecurity incidents, including forensic analysis of attack patterns.F. Security Tool Management : - Configure, monitor, and maintain security tools such as SIEM (Microsoft Sentinel),Defender for Cloud, antivirus solutions, and consolidated security dashboards.G. Continuous Improvement : - Participate in developing and implementing security concepts, hardening guidelines, and monitoring systems.- Perform penetration tests, vulnerability assessments, and audits to ensure robust security measures.- Contribute to the creation and refinement of SOC policies, processes, and procedures. (ref:hirist.tech)