Career141

Lead Security Analyst

Summary

Colombo, Sri Lanka

On-Site

LKR 400000 - 700000

Full-time

Category: Other


Roles & Responsibilities

As a Senior Security Analyst, you will play a key role within the expanding IT Security team, responsible for monitoring networks and endpoints to detect and respond to malicious or anomalous activity. Working closely with the IT Security Manager and broader team, you will lead the design, implementation, and maintenance of security tools, frameworks, and processes to strengthen the organization’s security posture.

You will review and assess security incidents, determining their risk and priority, and act as an escalation point for less experienced analysts.

In addition, you will be actively engaged in the software development lifecycle, advising development teams on secure coding practices and security architecture to ensure all internal tools and applications are built with security-by-design principles.

Mandatory Skill set

  • Microsoft Sentinel (Azure Sentinel)
  • SAST / DAST (Static Application Security Testing / Dynamic Application Security Testing)
  • Code Scanning (Application Security Scanning) / SEC OPS / Secure Dev Practices
  • Penetration Testing
  • Security Standards – ISO
  • IAM (Identity and Access Management) Cloud – Azure
  • OAuth (Open Authorization) / Tokenization / SSD

Key responsibilities & Accountabilities:

  • Design, implement, and maintain security tools and processes to continuously strengthen CLIENT’s IT security posture.

  • Provide expert guidance to development teams on secure coding practices and security architecture throughout the software development lifecycle.

  • Conduct comprehensive security reviews of software prior to release to ensure compliance with CLIENT’s security standards and requirements.

  • Serve as an escalation point for complex security investigations and incident resolutions, providing technical support and direction to junior team members.

  • Develop and maintain Standard Operating Procedures (SOPs), policies, and documentation governing information security practices and protocols.

  • Collaborate with IT teams to review and address findings from vulnerability assessments, penetration tests, and security audits, ensuring timely risk mitigation and remediation.

  • Analyze and assess identified vulnerabilities to determine their potential impact on CLIENT’s systems and infrastructure.

  • Stay current with emerging cybersecurity trends, threats, and technologies, proactively recommending improvements where necessary.

  • Support incident management processes by reviewing reported issues, assessing risk and urgency, and guiding the team toward effective and timely resolution.

Skills & Ability

  • Analytical Thinking: Demonstrates excellent problem-solving skills with the ability to assess complex security challenges and recommend effective solutions.

  • Attention to Detail: Maintains a meticulous approach when analyzing incidents, reviewing vulnerabilities, or assessing risks to ensure accuracy and completeness.

  • Leadership & Mentorship: Acts as a team leader and point of escalation for less experienced analysts, providing guidance, technical direction, and knowledge sharing.

  • Security Detection & Monitoring: Oversees monitoring of systems and networks for malicious or anomalous activity using advanced detection tools and methods.

  • Incident Response: Leads and coordinates the response to security incidents, ensuring timely containment, eradication, and recovery while minimizing business impact.

  • SIEM Proficiency: Demonstrates hands-on expertise in SIEM platforms such as Azure Sentinel, including rule configuration, alert tuning, and incident correlation.

  • Vulnerability Management: Conducts and manages vulnerability assessments, tracks remediation efforts, and collaborates with IT teams to mitigate identified risks.

  • Secure Software Development: Provides security guidance throughout the software development lifecycle (SDLC), promoting secure-by-design principles and best practices.

Prerequisites

  • 10+ years of experience in the Cybersecurity industry, with a strong background in security operations, monitoring, and risk management.

  • Proficient in Windows and Active Directory administration, including Azure Active Directory.

  • Hands-on experience with Microsoft Office 365 and Azure environments, including security configuration and management.

  • Strong understanding of networking concepts, including TCP/IP and other common network protocols.

  • Experience with Secure Access Service Edge (SASE) solutions — Cato Networks preferred, though not mandatory.

  • Familiarity with established security standards and frameworks (e.g., ISO 27001, NIST, CIS).

  • Microsoft certifications (such as AZ-500, SC-200, or MS-500) are advantageous but not required.
