We are looking for a Senior Security Analyst with strong hands-on experience in email security, Microsoft security technologies, vulnerability management, SIEM monitoring, and incident response. The ideal candidate must have practical experience defending organizations against phishing, impersonation/BEC attacks, endpoint threats, and other cyber threats while continuously improving the organization’s security posture.
Key Responsibilities
Email Security
- Manage and optimize Proofpoint and Microsoft Defender for Office 365.
- Design and implement anti-phishing, impersonation, and BEC protection policies.
- Investigate phishing emails reported by users, perform header and URL analysis, and take remediation actions.
- Identify emerging email-based attack patterns and implement preventive controls.
Microsoft Security & Identity
- Secure Exchange Online, Microsoft Entra ID, and Microsoft 365 environments.
- Implement and manage Conditional Access policies, identity protection policies, and authentication security controls.
- Support implementation of Zero Trust security architecture.
Vulnerability Management
- Perform vulnerability scanning and remediation for Windows servers, Linux servers, and endpoints.
- Use tools such as Tenable or Qualys to identify, prioritize, and track vulnerabilities.
- Work with infrastructure teams to ensure timely remediation and validation.
Endpoint Security
- Investigate alerts from EDR solutions such as Sophos or Microsoft Defender for Endpoint.
- Analyze endpoint threats and coordinate containment and remediation actions.
SIEM & Security Monitoring
- Monitor and manage SIEM platforms such as Microsoft Sentinel, Wazuh, or similar.
- Develop and tune detection rules, alerts, and dashboards.
- Perform log analysis, threat detection, and investigation of security alerts.
Incident Response & Forensics
- Participate in security incident response and digital forensic investigations.
- Perform root cause analysis and recommend security improvements.
Risk & Third-Party Security
- Conduct security risk assessments across infrastructure and applications.
- Perform third-party/vendor security assessments and identify potential risks.
Qualifications
Mandatory Skills
- 5+ years of experience in cybersecurity or security operations, preferably in enterprise environments.
- Strong hands-on experience managing email security platforms such as Proofpoint and Microsoft Defender for Office 365, including protection against phishing, impersonation, and BEC attacks.
- Experience securing Microsoft environments including Exchange Online, Microsoft Entra ID, and Microsoft 365 security controls, including Conditional Access and identity protection policies.
- Hands-on experience investigating endpoint threats using EDR platforms such as Sophos or Microsoft Defender for Endpoint.
- Experience performing vulnerability management using Tenable or Qualys, including vulnerability analysis, prioritization, and remediation tracking for Windows, Linux, and endpoint systems.
- Hands-on experience working with SIEM platforms such as Microsoft Sentinel, Wazuh, or similar, including log analysis, alert investigation, and detection rule tuning.
- Experience investigating security incidents and performing root cause analysis involving phishing attacks, endpoint compromises, or suspicious authentication activity.
- Good understanding of Zero Trust architecture principles and enterprise security implementations.
- Strong knowledge of Windows and Linux security fundamentals.
Good to Have
- Security certifications such as CISSP, CISM, CEH, SC-200, or SC-300.
- Experience with cloud security (Azure or AWS).
- Experience with security automation or scripting (Python, PowerShell, Bash).
- Knowledge of security frameworks such as NIST, ISO 27001, or CIS Controls.