Cybersecurity Analyst

Zenith Infotech (S) Pte Ltd. was started in 1997, primarily with the vision of offering state-of-the-art IT Professionals and solutions to various organizations and thereby helping them increase their productivity and competitiveness. From deployment of one personto formation of whole IT teams, Zenith Infotech has helped clients with their staff augmentation needs. Zenith offers opportunity to be engaged in long term projects with large IT savvy companies, Consulting organizations, System Integrators, and MNCs.

EA Licence No: 20S0237

The Cyber Security Analyst is responsible for security monitoring and incident investigation within the Security Operations Center (SOC). This role provides technical expertise in threat detection, incident handling, and use case optimization.

The Analyst plays a critical role in ensuring timely detection, analysis, and containment of cyber threats.

Roles and Responsibilities:
Security Monitoring & Incident Response
Perform the investigation and response to complex and high-severity security incidents across network, endpoint, cloud, and application environments
Perform deep-dive analysis of alerts, logs, and telemetry to determine root cause, impact, and remediation actions
When required coordinate incident response activities across internal teams and external stakeholders, including escalation to management when required
Ensure incidents are handled in accordance with defined SLAs, playbooks, and regulatory requirements
Threat Detection & Use Case Management
Tune, and optimize SIEM detection rules to reduce false positives and improve detection efficacy
Continuous Improvement & SOC Maturity
Contribute to the development and refinement of SOC processes, runbooks, and playbooks
Identify opportunities to improve SOC efficiency through automation, SOAR, and AI-driven capabilities
Leadership & Mentorship
Provide guidance and mentoring to junior analysts
Act as an escalation point for complex investigations and technical challenges
Support knowledge sharing, training, and continuous skills development within the SOC team
________________________________________
Required Skills & Experience
Technical Skills
Strong hands-on experience with SIEM platforms such as Splunk, Elasticsearch, Microsoft Sentinel, or Google SecOps
Solid understanding of network, endpoint, identity, and cloud security concepts
Experience analyzing logs from firewalls, EDR, IDS/IPS, cloud platforms, and operating systems
Familiarity with incident response methodologies and digital forensics fundamentals
Experience
3-5 years of experience in cyber security operations, SOC, or incident response roles
Proven experience handling medium to high severity security incidents independently
Experience working in regulated environments (e.g. financial services,government, healthcare) is an advantage
Soft Skills
Strong analytical and problem-solving skills
Calm and structured approach when handling incidents under pressure
Strong sense of ownership, accountability, and attention to detail
________________________________________
Preferred / Nice-to-Have
Experience with SOAR platforms and security automation
Cloud security experience (AWS, Azure, GCP)
Scripting or query skills (e.g. SPL, KQL, SQL, Python)
Experience in SOC transformation or SIEM migration projects
________________________________________
Certifications (Preferred)
GCIA, GCIH, GCED
Elastics, Google SecOps, Microsoft Sentinel, or vendor-specific SIEMcertifications"

3 MUST have skillsets
o Hands-on security monitoring experience with SIEM platforms preferably, Elastic Stack (ELK)
o Experience analyzing logs from firewalls, EDR, IDS/IPS, cloud platforms, and operating systems
o understanding of network, endpoint, identity, and cloud security concepts

The role operates on a 24/7 basis with 12-hour shifts, with the standard shift timing from 8:00 AM to 8:00 PM. Shift work is required, including night shifts when scheduled