CareerStation
ID

IT Security Analyst II

IDESLABS
Pune5-7 LPA Posted 15 May 2025
FULL TIME
Splunk
Siem
EDR
Cloud Security

Job Description

Job description

  • To be part of a global security operations center and be responsible for - proactively identify threats and vulnerabilities; implement industry best practices; participate in the review and resolution of opportunities from both internal and external IT security audits; provide recommendations to the overall IT security posture of the organization; and participate in the creation of IT security awareness communications to the organization that adhere to corporate safety and security regulations

Responsibilities:

  • Investigate and provide proper incident response to security alerts.
  • Identify new security use cases and create required detection rules in the system.
  • Work with the customer to gather requirements, propose use cases and build them in Splunk.
  • Perform administration activities in Splunk including integration of log sources, creation of queries for security use cases, dashboards, troubleshoot issues.
  • Assist and train team members on how to investigate and respond to various security threats.
  • Manage and support wide range of security technologies including SIEM, EDR, Vulnerability Scanners, Identity and Access Management, Data Loss Prevention, and Cloud Security.
  • Participate in security solution design and security consultation.
  • Work with the customer point of contacts for any escalated incidents, security remediation.
  • Create required dashboards and provide reports.
  • Actively participate in customer meetings and give presentations.

Job Requirements:

  • Bachelors degree in Computer Science, Information Security, or an equivalent degree.
  • 4+ years of working experience in Information Security.
  • Vast experience in Splunk Enterprise and Enterprise Security.
  • Have experience in integration of log sources, defining use cases, creation of new correlation rules, creation of dashboards, implementing best practices in Splunk environment.
  • Good understanding of security threats and mitigation strategies.
  • Have in-depth knowledge on how to investigate and respond to various security alerts, and can able to create incident response procedures for same.
  • Certification in any of the following is a plus: Splunk Certified Admin/Architect, CEH.
  • Demonstrated excellent response to critical incidents and security threats in the past.
  • Excellent analytical, presentation, customer service and facilitation skills.
  • Ready to work in 24x7 Security operations.

Required Skills

SplunkSiemEDRCloud Security
Join WhatsApp Channel