Security Operations Center Analyst

Cashpor Micro Credit

2 - 5 years

Varanasi

Posted: 29/01/2026

Job Description

Job Title: Cybersecurity Operations Analyst

Function: Information Security / Cyber Defense

Industry: NBFC-MFI

Experience: 2-5 Years

Educational qualification: B.Tech (CS, IT), B.Sc IT, BCA, MCA

Employment Type: Full-Time (On-Roll)

Location: Head Office, Varanasi (Onsite)

Reporting To: CISO


Role Overview

This is an execution-focused cybersecurity operations role responsible for strengthening business-as-usual (BAU) security monitoring, internal vulnerability management, and regulatory compliance within an NBFC-MFI environment. The role works closely with the CISO and IT teams to ensure continuous threat detection, risk mitigation, and audit readiness.

Key Responsibilities

1. SIEM Operations

  • Perform daily monitoring and analysis of security logs and alerts using IBM QRadar.
  • Conduct first-level alert triage and preliminary investigation of security events.
  • Escalate confirmed incidents to the CISO and relevant IT teams with documented evidence.
  • Maintain SIEM dashboards, alert use cases, and operational documentation.
  • Support onboarding of new log sources and conduct routine SIEM health checks under CISO guidance.

2. Internal VAPT & Vulnerability Management

  • Execute monthly internal vulnerability scans across systems, applications, and infrastructure.
  • Assist in controlled internal penetration testing exercises as per approved scope.
  • Validate identified vulnerabilities, prepare risk summaries, and track remediation progress.
  • Perform re-validation scans to confirm closure of findings.
  • Maintain complete VAPT documentation and audit evidence.
  • Review and track security advisories issued by CERT-In and relevant technology vendors.

3. Regulatory Compliance & Threat Management

  • Support compliance with cybersecurity advisories, guidelines, and directives issued by the Reserve Bank of India and other applicable regulators.
  • Track regulatory circulars and security notifications to assess applicability to the organization.
  • Monitor emerging threats, attack vectors, and vulnerability trends.
  • Assist in implementing additional security controls based on identified risks under CISO supervision.
  • Continuously enhance technical and analytical skills aligned with the evolving threat landscape.

4. Incident Handling, Documentation & SOPs

  • Assist in incident investigation, documentation, and maintenance of incident registers.
  • Coordinate with IT teams during containment, eradication, and recovery activities.
  • Prepare operational reports covering monitoring metrics, vulnerabilities, incidents, and mitigation status.
  • Track corrective actions, ensure timely closure, and validate evidence.
  • Support continuous improvement of SOC processes, SOPs, and security controls.

Required Skills & Experience

Experience

  • 2 to 5 years of hands-on experience in cybersecurity operations, including SOC monitoring, SIEM analysis, incident handling, and vulnerability management.
  • Clear exposure to execution-oriented operational roles rather than advisory or consulting profiles.

Technical Skills

  • Working knowledge of SIEM platforms, preferably IBM QRadar.
  • Practical experience with vulnerability scanning tools such as Nessus, Qualys, or OpenVAS.
  • Basic exposure to penetration testing tools including nmap, Burp Suite, and Metasploit.
  • Strong analytical capability to interpret logs, alerts, and security findings with precision.

Knowledge

  • Awareness of RBI cybersecurity expectations, CERT-In advisories, and foundational ISO 27001 controls.

Soft Skills

  • Strong documentation and reporting discipline.
  • Ability to work effectively in a lean team environment and follow defined operational processes.

Certifications (Preferred, Not Mandatory)

  • CEH, eJPT, or equivalent entry/intermediate-level certifications.
  • Advanced certifications such as CPENT, eCPPT, or OSCP are desirable but not mandatory.

Performance Expectations (Initial Phase)

  • Ensure uninterrupted BAU SIEM monitoring.
  • Establish and maintain a consistent monthly internal vulnerability scanning program.
  • Maintain audit-ready documentation and evidence repositories.
  • Reduce dependence on annual-only security assessments through continuous internal VAPT execution.

Compensation

  • As per industry norms
