Security Operations Analyst, Senior

Newfold Digital · India, Mumbai

Not specified Full-time Senior Security

Job Description

About the role:

Security Operations Analyst is responsible for the day-to-day monitoring, analysis, and investigation of security threats across enterprise systems and networks. The role triages and responds to security alerts and incidents, working both independently and in collaboration with senior analysts on known or suspected threats.

The analyst supports incident response, threat intelligence, and forensic analysis activities in alignment with established security best practices and control frameworks. This includes identifying anomalies, escalating issues as appropriate, and contributing to the improvement of detection and response processes.

Security Operations Analysts may work shifts and participate in on-call rotations to support global operations and ensure continuous security monitoring coverage.

What you’ll do & how you’ll make your mark:

Develop and deliver security reports and metrics to support operational awareness and leadership decision-making.
Identify and support mitigation of information security risks, including evaluating projects and initiatives for alignment with security requirements, policies, and standards.
Support internal and external audits by collecting and analyzing evidence, assessing control effectiveness, and ensuring adherence to established security frameworks and policies.
Track and manage remediation activities, including corrective action plans and audit findings, ensuring timely resolution of identified security issues.
Identify, investigate, and respond to security incidents, including analyzing root cause and impact to contain threats and reduce organizational risk.
Maintain and support security tools, controls, and monitoring capabilities to ensure effective detection and response.
Develop, implement, and continuously improve threat-informed detections and automated response playbooks, including use case development, rule creation, tuning, validation, and optimization through incident feedback and testing.
Monitor systems and security telemetry for violations, vulnerabilities, and anomalous activity.
Analyze and apply threat intelligence to enhance detection, response, and situational awareness.
Identify and support onboarding and validation of security telemetry to ensure effective detection and visibility.
Collaborate with cross-functional teams to support incident response, remediation, and security improvements.
Assist in the evaluation and selection of security technologies and solutions to support detection, monitoring, and response capabilities.

This Job Description includes the essential job functions required to perform the job described above, as well as additional duties and responsibilities. This Job Description is not an exhaustive list of all functions that the employee performing this job may be required to perform. The Company reserves the right to revise the Job Description at any time, and to require the employee to perform functions in addition to those listed above.

More Offers from Newfold Digital

Systems Administrator, Senior

Newfold Digital · Remote

Remote Full-time Senior

Billing and Risk Mitigation Associate

Newfold Digital · Cebu

Not specified Full-time Entry

Procurement, Manager

Newfold Digital · Remote

Remote Full-time Not specified

ML Data Engineer

Newfold Digital · Nova Scotia

Remote Full-time Not specified

Senior Software Engineer – AI

Newfold Digital · Quebec

Remote Full-time Senior

Staff Accountant

Newfold Digital · Mumbai

Not specified Full-time Senior

Apply Now

You'll be redirected to the company's application page

Requirements

A degree in Cybersecurity, Information Technology, Computer Science, or related field is desirable
Industry-recognized certifications are a plus and may include: CompTIA Security+ or CySA+, Microsoft SC-200, GIAC Security Essentials (GSEC), GIAC Certified Incident Handler (GCIH), GIAC Certified Intrusion Analyst (GCIA), GIAC Cyber Threat Intelligence (GCTI), GIAC Security Operations Certified (GSOC), Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), and relevant cloud or security vendor certifications (e.g., SIEM, SOAR, endpoint, or cloud security platforms)
5-7 years of experience in security operations or related disciplines. with demonstrated expertise in security analysis and incident response
Working knowledge of security controls including access control, authentication, encryption, system integrity, and logging as applied to security monitoring and detection
Experience with security operations including monitoring, incident response, and incident management procedures, with the ability to investigate, escalate, and respond to security events
Ability to develop, modify, and maintain threat detection rules within SIEM platforms, including tuning alerts and improving detection fidelity
Understanding of security telemetry, including log collection and ingestion (e.g., syslog, Windows Event Forwarding, ELK), normalization, and data quality considerations to support effective detection and visibility
Strong knowledge of operating systems (Windows, Linux, macOS), identity systems (e.g., Active Directory), and network fundamentals (TCP/IP, DNS) as they relate to security monitoring and investigation
Experience with endpoint, network, and host-based security tools including EDR, IDS/IPS, firewalls, vulnerability scanners, and host-based detection/prevention systems
Ability to analyze and correlate data across multiple security and telemetry sources to identify patterns, anomalies, vulnerabilities, and potential security threats
Experience applying security frameworks such as MITRE ATT&CK to map adversary behaviors and support detection and response development
Experience with malware analysis, network forensics, and digital forensics concepts and tools; reverse engineering skills are a plus
Ability to assess security threats and implement timely mitigations under pressure
Experience using scripting languages such as Python, PowerShell, or equivalent to support automation, analysis, and response activities
Strong collaboration and communication skills with the ability to build effective relationships across technical and non-technical teams
Experience with security platforms and tools including SIEM, SOAR, EDR, vulnerability management, and threat intelligence tools (e.g., Google SecOps/Chronicle, Microsoft Defender for Endpoint, SentinelOne Singularity, Tanium Threat Response, Recorded Future)
Experience with cloud security monitoring and native security services across AWS, Azure, Google Cloud, or OCI is a plus
Familiarity with security-focused frameworks, methodologies, and best practices for detection, response, and vulnerability management is a plus
Ability to analyze and apply threat intelligence to support detection, investigation, and response activities
Experience developing or working with automated response workflows and playbooks (SOAR)
Advanced professional role requiring strong technical proficiency in security operations, detection, and incident response. Works independently with minimal supervision on complex investigations, exercising sound judgment to resolve issues, identify risks, and escalate appropriately
Serves as a senior technical resource for the team, providing guidance, mentorship, and cross-training to junior analysts while promoting consistent standards for analysis, detection, and response. Contributes to the development and continuous improvement of detection logic, alert tuning, and response playbooks
Effectively communicates with both technical and non-technical stakeholders and collaborates with peers on complex issues to enhance team capability. May assist in coordinating and tracking tasks for junior team members