Senior Cyber Security Analyst - CISM/CISSP Certified (5-7 yrs)

We are hiring for one of our clients.

Please go through the below details and let us know if you are interested in this opportunity.

Job Title : Senior Cybersecurity Analyst.

Experience : 5+ Years (FTE).

Job Location : Hyderabad.

Requirements :

Experience & Education :

- Bachelor's degree in computer science, Information Security, or a related field (or equivalent work experience).

- Relevant security certifications such as CISSP, CEH, CISM, CompTIA Security+, or equivalent are preferred.

- 5+ years of experience in cybersecurity or security operations.

- Proven experience in working with security tools (Proofpoint, Crowd Strike, AWS/Azure security tools, Uptycs, etc.

- Strong knowledge of cloud security frameworks, vulnerability management, and incident response.

- Experience with regulatory compliance and security frameworks (e.g, NIST, SOC 2, ISO 27001).

- Strong analytical skills to detect and investigate security incidents.

- Knowledge of networking, operating systems (Linux, Windows), and security protocols.

- Experience in cloud infrastructure security for AWS and Azure environments.

- Familiarity with scripting languages (e.g, Python, PowerShell) is a plus.

- Excellent communication skills, with the ability to work across teams and explain security issues to non-technical stakeholders.

THE PLAN :

Threat Detection & Response :

- Monitor security tools (e.g, Crowd Strike, Uptycs) for potential threats, malware, and other malicious activities.

- Investigate security incidents and respond to detected threats using endpoint detection and response (EDR) tools such as Crowd Strike.

- Collaborate with incident response teams to mitigate threats and vulnerabilities promptly.

- Participation in on-call rotation.

Cloud Security :

- Manage and monitor cloud infrastructure security in AWS and Azure environments.

- Implement and maintain security controls across cloud platforms, ensuring compliance with organizational policies.

- Monitor cloud environments for anomalies, misconfigurations, and threats using tools like Obsidian for SaaS security.

Email Security :

- Manage and optimize email security systems, specifically Proofpoint, to detect and block phishing, spam, and email-based threats.

- Respond to email security alerts and perform in-depth investigations on suspicious email activities.

Vulnerability Management & Scanning :

- Perform vulnerability scanning using appropriate tools, identify security vulnerabilities in systems, and assist in remediation efforts.

- Track and report on vulnerability management processes and ensure that vulnerabilities are mitigated or patched according to the organization's security policies.

- Conduct regular penetration testing to assess the security of applications and networks.

Security Monitoring & Analysis :

- Use SIEM (Security Information and Event Management) systems to analyze security events, logs, and alerts.

- Correlating threat intelligence feeds internal data to detect advanced threats.

- Perform regular analysis and reporting on security incidents, including root cause analysis.

Compliance & Risk Management :

- Ensure compliance with industry standards and frameworks such as ISO 27001, NIST, SOC 2, and other applicable regulations.

- Assist in audits and ensure that security policies and procedures are followed.

- Conduct risk assessments to evaluate the organization's exposure to cybersecurity risks.

Security Best Practices & Training :

- Assist in developing and maintaining security policies, procedures, and best practices.

- Provide security awareness training to employees, focusing on phishing, malware detection, and cloud security practices.