Job Description
Team: IT
This position is listed on behalf of a partner company, who manages all applications and next steps. Our partner is looking for a Threat Analyst based in India.
This role provides an opportunity to join a cybersecurity operations team focused on identifying, investigating, and responding to advanced cyber threats.
The Threat Analyst will work across endpoint, network, cloud, and identity environments to analyze security incidents and protect organizations from evolving attacks.
You will leverage threat intelligence, detection tools, and investigative techniques to uncover malicious activity and provide actionable recommendations.
The position offers hands-on experience with real-world incidents, including ransomware investigations, malware analysis, and proactive threat hunting.
Working alongside experienced security professionals, you will contribute to improving detection capabilities and strengthening overall security resilience.
The ideal candidate is analytical, curious, and passionate about cybersecurity, with strong technical skills and a commitment to continuous learning.
Accountabilities
The Threat Analyst will be responsible for investigating complex security alerts, analyzing threats, and supporting incident response activities within a 24/7 monitoring environment. This role requires strong technical investigation skills, attention to detail, and the ability to collaborate with security teams to deliver effective protection and remediation guidance.
- Investigate escalated security alerts and incidents across endpoint, network, cloud, and identity environments.
- Perform detailed analysis to determine attack scope, root cause, lateral movement, persistence methods, and potential business impact.
- Support ransomware investigations by analyzing attacker behaviors, credential abuse, malware activity, and intrusion techniques.
- Analyze suspicious scripts, malware samples, and indicators of compromise through reverse engineering and deobfuscation techniques.
- Conduct proactive threat hunting activities based on threat intelligence, investigative hypotheses, and emerging attack patterns.
- Investigate suspicious authentication activity, privilege escalation attempts, and identity-related security events.
- Perform Windows and Linux system investigations, including process analysis, event log review, and system-level analysis.
- Correlate information from multiple security platforms, including EDR, SIEM, cloud logging systems, and identity solutions.
- Document investigation findings clearly and provide actionable remediation recommendations.
- Collaborate with senior analysts during complex or high-severity incidents.
- Contribute to detection improvements, security playbook enhancements, and operational process improvements.
- Participate in rotational schedules supporting continuous monitoring and response operations.
- 4–6 years of experience in a SOC, MDR, incident response, or cybersecurity operations role.
- Bachelor’s degree in Information Technology, Computer Science, cybersecurity, or a related field, or equivalent professional experience.
- Experience investigating endpoint and network security alerts using EDR and SIEM platforms.
- Strong understanding of ransomware attack techniques, intrusion methods, and adversary behaviors.
- Hands-on experience analyzing Windows and Linux systems, including logs, processes, and security events.
- Experience analyzing malware behavior, suspicious scripts, and performing deobfuscation techniques.
- Familiarity with adversary tactics, techniques, and the MITRE ATT&CK framework.
- Knowledge of Windows Event Logs, Linux logging, Active Directory concepts, and identity security investigations.
- Understanding of cloud security fundamentals and suspicious authentication analysis.
- Ability to analyze network traffic, including TCP/IP, DNS, and HTTP/S protocols.
- Strong scripting skills, including PowerShell and Python or other programming languages.
- Excellent documentation, communication, and investigative reporting skills.
- Strong troubleshooting abilities and attention to investigative detail.
- Security certifications such as Security+, CySA+, GCIH, or equivalent are a plus.
- Remote-first work environment with flexibility and autonomy.
- Opportunity to work on real-world cybersecurity investigations and advanced threat response activities.
- Exposure to enterprise security environments, modern detection technologies, and global threat intelligence.
- Collaboration with experienced cybersecurity professionals and opportunities for continuous learning.
- Employee-led diversity and inclusion communities supporting a collaborative workplace culture.
- Wellness initiatives, wellbeing days, and resources supporting employee health and balance.
- Global employee sustainability initiatives and opportunities to contribute to community programs.
- Team activities, competitions, and engagement programs fostering connection and collaboration.
Requirements
The ideal candidate brings strong cybersecurity operations experience, with hands-on expertise in security investigations, threat detection, and incident response. This role requires technical curiosity, strong analytical abilities, and the ability to manage multiple investigations in a fast-paced environment.
Benefits
Explore More
Date Posted
07/14/2026
Views
0