Security Analyst

ColorTokens


Job Location:

Bengaluru - India

Monthly Salary: Not Disclosed
Posted on: 7 hours ago
Vacancies: 1 Vacancy

Job Summary

About ColorTokens:

At ColorTokens, we empower businesses to stay operational and resilient in an increasingly complex cybersecurity landscape. Breaches happen, but with our cutting-edge ColorTokens Xshield platform, companies can minimize the impact of breaches by preventing the lateral spread of ransomware and advanced malware. We enable organizations to continue operating while breaches are contained, ensuring critical assets remain protected. The innovative platform provides unparalleled visibility into traffic patterns between workloads, OT/IoT/IoMT devices, and users, allowing businesses to enforce granular micro-perimeters, swiftly isolate key assets, and respond to breaches with agility. Recognized as a Leader in the Forrester Wave: Microsegmentation Solutions (Q3 2024), ColorTokens safeguards global enterprises and delivers significant savings by preventing costly disruptions.

Join us in transforming cybersecurity. Learn more at .

Our Culture

We foster an environment that values customer focus, innovation, collaboration, mutual respect, and informed decision-making. We believe in alignment and empowerment so you can own and drive initiatives. Self-starters and highly motivated individuals will enjoy the rewarding experience of solving complex challenges that protect some of the world's most impactful organizations, be it a children's hospital, a city, or the defense department of an entire country.

Role: Security Analyst

Experience: 4 to 8 years

Location: Bangalore

Work mode: Work from Office (hybrid)

Shifts: Candidate must be willing to work rotational 24/7 shifts.

Job Description:

Skills and Experience:

4+ years of security operations experience.

Correlate and analyse events using SIEM tools such as Splunk, LogRhythm, QRadar, and Stellar Cyber to detect IT security incidents. Knowledge of network and endpoint security, threat intelligence, and vulnerabilities.

Conduct analysis of log files, including forensic analysis of system resource access.

Review customer reports to ensure quality and accuracy.

Monitor multiple security technologies, such as SIEM, IDS/IPS, firewalls, switches, VPNs, networking equipment, and other security threat data sources.

Knowledge of sandbox and malware analysis.

Knowledge of the Cyber Kill Chain and MITRE ATT&CK frameworks and how they are applied.

Knowledge of possible attack activities such as scans, man-in-the-middle, sniffing, DoS, DDoS, etc., and possible abnormal activities such as worms, Trojans, viruses, etc.

CCNA, CEH, CISSP, GCA, GCIA, GCIH, or other SANS certifications would be preferable.

High level of integrity, professionalism, and attention to detail.

Ability to communicate complex security issues to peers and management alike.

A motivated, self-managed individual who can demonstrate above-average analytical skills and work professionally with peers and customers, even under pressure.

Roles & Responsibilities:

Senior-level SOC analyst mentoring junior analysts. Develop and maintain SOC processes, playbooks, and standard operating procedures to ensure consistent and effective response to security events.

Incident Analysis: Conduct detailed analysis of escalated security incidents. Coordinate end-to-end security incident management on escalated incidents, ensuring timely updates to stakeholders, efficient resolution of incidents, and completion of root cause analysis (RCA).

Threat Monitoring and Analysis: Monitor security alerts and events using SIEM and other security tools. Lead and coordinate proactive threat hunting to identify potential risks and vulnerabilities. Analyze and integrate threat intelligence feeds into the platforms and stay updated on emerging threats.

Collaboration: Creatively solve problems, collaborating with SecOps, Platform Delivery, IT, and Engineering team members.

Monitor and analyze security events to detect and respond to threats. Ensure timely and effective responses to security events, including root cause analysis, containment, eradication, and recovery. Coordinate with other departments, ensuring clear communication and alignment.

Forensic Analysis: Perform forensic analysis and malware analysis of computers. Collect and analyze forensic artifacts, including memory and disk images, to identify malicious activity. Gather evidence for legal and investigative purposes.

Continuously improve SOC operations by evaluating and implementing new tools, technologies, and methodologies. Automate workflows using PowerShell, regular expressions, and APIs.

Integrate threat intelligence into SOC operations, ensuring that the team is aware of and prepared for emerging threats. Oversee the creation and refinement of detection rules, ensuring they are aligned with the MITRE ATT&CK framework. Lead efforts to identify gaps in monitoring and develop strategies to enhance detection capabilities.

Work closely with the IT and cybersecurity teams to ensure alignment on security strategies and initiatives.

Qualifications:

Education: Bachelor's degree in Information Technology, Computer Science, Business, or Engineering, or equivalent experience, required.

Certifications: Advanced certifications such as CISSP, OSCP, GCIH, GSOC, or GCIA.

Incident Response Experience: 4+ years of experience in cyber incident response and investigations.

Strong interpersonal skills with the ability to collaborate well with others. Strong written and verbal communication skills are required.

Required Experience:

IC
