We are looking for a Cybersecurity Analyst to support security operations, threat monitoring, and incident response activities. The analyst will be responsible for proactively identifying, analyzing, and responding to cybersecurity threats across enterprise systems using modern security tools and frameworks.
The ideal candidate will have hands-on experience with SIEM, EDR/XDR tools (especially Microsoft Defender), and incident response processes.
Key Responsibilities:
- Monitor security platforms (SIEM, EDR, cloud security tools) for threats, attacks, and suspicious activity
- Use Microsoft Defender XDR (Defender for Endpoint, Identity, Cloud Apps, and Office 365) for detection and response
- Investigate and respond to security incidents, including phishing and user-reported threats
- Perform incident triage, analysis, escalation, and resolution following defined procedures
- Support the full incident response lifecycle (detection → containment → eradication → recovery → reporting)
- Monitor and manage identity and access risks, including risky users, risky sign-ins, and other login anomalies
- Develop and maintain incident reports, documentation, and security logs
- Conduct risk analysis and vulnerability assessments, and support remediation efforts
- Optimize detection rules and alerts to reduce false positives and improve accuracy
- Assist in developing and enforcing security policies and procedures
- Stay updated on emerging threats, attack vectors, and security technologies
Required Qualifications:
- 3+ years of experience in Cybersecurity / SOC / Security Operations
- Hands-on experience with:
  - SIEM tools (e.g., Splunk, Microsoft Sentinel, QRadar)
  - EDR/XDR tools (Microsoft Defender preferred)
- Strong understanding of:
  - Incident response processes
  - Threat detection and analysis
  - Identity & Access Management (IAM)
- Experience handling phishing investigations and security alerts
- Knowledge of security frameworks (e.g., NIST, MITRE ATT&CK) and security best practices