Security Analyst

1. Security Monitoring & Threat Detection

• Monitor security alerts, logs, and events using SIEM tools.

• Detect suspicious activity, malware, unauthorized access, and policy violations.

• Investigate anomalies across endpoints, servers, networks, and cloud systems.

2. Incident Response

• Triage and respond to security incidents.

• Perform containment, eradication, and recovery activities.

• Escalate critical threats and coordinate with IT/business teams.

• Conduct post-incident root cause analysis.

3. Vulnerability Management

• Perform vulnerability scans using tools like Nessus, Qualys, Rapid7.

• Validate findings and prioritize remediation.

• Track patching status and risk reduction efforts.

4. Security Operations Center (SOC) Activities

• Analyze alerts from firewalls, IDS/IPS, EDR, antivirus, DLP, and email security tools.

• Reduce false positives and improve detection rules.

• Maintain incident tickets and case documentation.

5. Risk Assessment & Compliance

• Identify security risks and recommend controls.

• Support audits and compliance requirements such as ISO 27001, SOC 2, PCI-DSS, HIPAA, GDPR.

• Ensure adherence to internal security policies.

6. Access Control & Identity Security

• Review user access, privileges, MFA status, and privileged accounts.

• Support IAM controls such as least privilege and role-based access