We are looking for a Senior Security Analyst with strong hands-on experience in email security, Microsoft security technologies, vulnerability management, SIEM monitoring, and incident response. The ideal candidate must have practical experience defending organizations against phishing, impersonation/BEC attacks, endpoint threats, and other cyber threats while continuously improving the organization's security posture.
Key Responsibilities
Email Security
- Manage and optimize Proofpoint and Microsoft Defender for Office 365.
- Design and implement anti-phishing, impersonation, and BEC protection policies.
- Investigate phishing emails reported by users, perform header and URL analysis, and take remediation actions.
- Identify emerging email-based attack patterns and implement preventive controls.
Microsoft Security & Identity
- Secure Exchange Online, Microsoft Entra ID, and Microsoft 365 environments.
- Implement and manage Conditional Access policies, identity protection policies, and authentication security controls.
- Support implementation of Zero Trust security architecture.
Vulnerability Management
- Perform vulnerability scanning and remediation for Windows servers, Linux servers, and endpoints.
- Use tools such as Tenable or Qualys to identify, prioritize, and track vulnerabilities.
- Work with infrastructure teams to ensure timely remediation and validation.
Endpoint Security
- Investigate alerts from EDR solutions such as Sophos or Microsoft Defender for Endpoint.
- Analyze endpoint threats and coordinate containment and remediation actions.
SIEM & Security Monitoring
- Monitor and manage SIEM platforms such as Microsoft Sentinel, Wazuh, or similar.
- Develop and tune detection rules, alerts, and dashboards.
- Perform log analysis, threat detection, and investigation of security alerts.
Incident Response & Forensics
- Participate in security incident response and digital forensic investigations.
- Perform root cause analysis and recommend security improvements.
Risk & Third-Party Security
- Conduct security risk assessments across infrastructure and applications.
- Perform third-party/vendor security assessments and identify potential risks.