CSC Global - Cyber Security Analyst - Endpoint Detection & Response

Description:

Title: Cyber Security Analyst

Work Location: Bangalore

Work schedule: Rotational (2 days weekly off per week)

Mode: Hybrid

Job Summary :

We are seeking a skilled and proactive Cyber Security Analyst to join our cybersecurity team.

The Analyst will be responsible for monitoring, detecting, analyzing, and responding to cybersecurity incidents in real-time.

This role involves working with advanced security tools, conducting initial triage, escalating threats, and helping to ensure the overall security of the organization's digital assets.

Key Responsibilities :

- Monitor SIEM dashboards, alerts, and security logs to detect suspicious activities or policy violations.

- Perform initial triage, investigation, and classification of security incidents.

- Respond to alerts and incidents following defined incident response procedures.

- Analyze data from firewalls, IDS/IPS, endpoint protection, email security, and threat intelligence platforms.

- Escalate critical incidents to Team Lead or incident response teams.

- Create and maintain incident tickets with detailed findings and actions taken.

- Contribute to the continuous improvement of SOC processes, use cases, and playbooks.

- Assist in threat hunting and proactive identification of anomalies across the network.

- Generate regular and ad hoc reports on SOC metrics, incident trends, and findings.

Required Skills and Qualifications :

- Bachelors degree in Computer Science, Information Security, or related field (or equivalent experience).

- 2 to 4 years of experience in cybersecurity or SOC operations & Monitoring.

- Understanding of cybersecurity principles, attack vectors, and threat detection.

- Experience with SIEM platforms (e.g., Splunk, QRadar, Palo Alto Cortex XSIAM, etc.

- Familiarity with common security tools (EDR, IDS/IPS, vulnerability scanners).

- Strong analytical and problem-solving skills.

- Good communication skills and ability to work in a fast-paced team environment.

- Knowledge of MITRE ATT&CK framework, TCP/IP, DNS, HTTP, and other protocols.

Preferred Qualifications (Nice to Have) :

- Industry certifications: Security+, CEH, GCIA, GCIH, Palo Alto Certified, or similar.

- Experience with scripting (Python, PowerShell) or automation (SOAR platforms).

Shift and Work Environment :

- Shift work including nights, weekends, and holidays (24/7 coverage).

- On-call rotation may apply.

- 2 days weekly off per week.

Hands-On Knowledge on below mentioned tools is good to have :

- Palo Alto XSIAM / Cortex XDR

- Recorded Future

- Microsoft Defender / O365 Email DLP

- Proofpoint SEG

- Zscaler ZIA / ZPA

- Azure Active Directory / M365

- Intune / SCCM

- Virus Total / CISA / CIS Benchmarking