Tier 2 Cyber Security Operations Analyst

Pune, MH, IN • Posted 60+ days ago • Updated 4 days ago
Contract W2
On-site
Depends on Experience
Job Details

Summary

APN Consulting, Inc. is a progressive IT staffing and services company offering innovative business solutions to improve client business outcomes. We focus on high-impact technology solutions in ServiceNow, Fullstack, Cloud & Data, and AI / ML. Due to our globally expanding service offerings we are seeking top talent to join our teams and grow with us.

Role: Tier 2 Cyber Security Operations Analyst
Location: Pune, India (remote initially, hybrid in future)
Duration: 3-month contract to hire
Work hours: listed below under Work Environment

A Tier 2 Cyber Security Operations Analyst in India is a mid-level role within a Security Operations Center (SOC) that builds on Tier 1 responsibilities, focusing on deeper investigation, incident response, and threat mitigation. This role involves more advanced analysis and collaboration to address complex cyber threats. Below is the detailed job description:

Job Overview:
The Tier 2 Cyber Security Operations Analyst is responsible for performing advanced analysis of security incidents, conducting in-depth investigations, and implementing mitigation strategies to protect organizational IT infrastructure. This role serves as an escalation point for Tier 1 analysts, requiring strong technical expertise, analytical skills, and the ability to handle complex cyber threats in a fast-paced SOC environment.

Key Responsibilities:
1. Incident Analysis and Response:
- Investigate escalated security incidents from Tier 1, including malware infections, advanced persistent threats (APTs), phishing campaigns, and unauthorized access attempts.
- Perform root cause analysis to identify the source, scope, and impact of incidents.
- Implement containment, eradication, and recovery measures, such as isolating compromised systems or applying security patches.

2. Threat Hunting and Proactive Monitoring:
- Conduct proactive threat hunting using SIEM tools and endpoint detection and response (EDR/XDR) platforms.
- Analyze Indicators of Compromise (IoCs) and Tactics, Techniques, and Procedures (TTPs) to identify potential threats.
- Correlate logs and alerts to detect patterns of malicious activity.

3. Security Tool Optimization:
- Configure and fine-tune security tools, including SIEM and SOAR platforms.
- Develop and update SIEM rules, dashboards, and alerts to improve detection accuracy and reduce false positives.

4. Documentation and Reporting:
- Document incident details, including timelines, findings, and remediation steps, in ticketing systems.
- Prepare detailed incident reports and post-incident reviews for management and compliance purposes.
- Contribute to the development of standard operating procedures (SOPs) and playbooks for incident response.

5. Collaboration and Escalation:
- Work closely with Tier 1 analysts to mentor and guide them on alert triage and basic incident handling.
- Collaborate with Senior Analysts, threat intelligence teams, and IT departments for advanced investigations and remediation.
- Liaise with external stakeholders, such as CERT-In or third-party vendors, during major incidents.

6. Threat Intelligence Integration:
- Incorporate threat intelligence feeds into security monitoring processes.
- Stay updated on emerging cyber threats, vulnerabilities, and attack trends relevant to the organization's industry.

Skills and Qualifications:
- Education: Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field. Relevant certifications or equivalent experience may substitute.
- Experience: 4-7 years of experience in cybersecurity, preferably in a SOC environment or as a Tier 1 analyst. Hands-on experience with incident response is essential.
- Technical Skills:
  - Advanced knowledge of networking protocols and technologies (TCP/IP, DNS, VPN) and operating systems (Windows, Linux, macOS).
  - Proficiency with SIEM platforms, EDR/XDR tools, and network security appliances.
  - Experience with log analysis, packet capture tools (e.g., Wireshark), and scripting (e.g., Python, PowerShell, Bash) for automation.
  - Familiarity with cloud security (e.g., AWS, Azure, Google Cloud) and related tools is a plus.
  - Understanding of attack frameworks such as MITRE ATT&CK and of common vulnerabilities (e.g., the CVE database).
- Certifications (preferred):
  - CompTIA Security+, CISSP
  - Certified Ethical Hacker (CEH)
  - GIAC Certified Incident Handler (GCIH)
- Soft Skills:
  - Strong problem-solving and critical-thinking skills.
  - Ability to work under pressure and handle multiple incidents simultaneously.
  - Excellent communication skills to explain technical findings to non-technical stakeholders.
  - Team mentoring and leadership capabilities.

Work Environment:
- Work Hours: Typically 35-40 hours per week, with rotating shifts (e.g., 7 AM-3 PM, 3 PM-11 PM, 11 PM-7 AM) to support 24x7x365 SOC operations. On-call availability may be required.
- Team Structure: Reports to a SOC Manager or Lead Analyst, collaborates with Senior analysts, IT teams, and external vendors.

We are committed to fostering a diverse, inclusive, and equitable workplace where individuals from all backgrounds feel valued and empowered to contribute their unique perspectives. We strongly encourage applications from candidates of all genders, races, ethnicities, abilities, and experiences to join our team and help us build a culture of belonging.
  • Dice Id: 10123488
  • Position Id: 25-24012