Cybersecurity Analyst
Key Responsibilities
Security Monitoring & Alert Triage
* Monitor and triage security alerts and platform health notifications from SIEM (Microsoft Sentinel), NIDS, NMS, and OT-specific security platforms (Nozomi Vantage, Claroty SRA).
* Perform initial classification of alerts based on severity, asset criticality, and business impact, ensuring
timely action in line with customer SLAs.
* Continuously monitor threat detection (MDR) and platform health (CCM) queues across assigned customer
accounts during shift.
Investigation & Incident Handling
* Conduct initial investigation and basic correlation of security events following documented SOPs, playbooks, and runbooks.
* Enrich alerts with contextual data - asset information, past incident history, known threat indicators -
and update ticketing systems (ServiceNow, iTop) with structured case notes.
* Identify and escalate complex security incidents, advanced threats, or platform issues to MDR L2 or CCM L2
teams with full context and documented handoff.
* Coordinate with L2 analysts and Security SMEs during critical incidents to support mitigation and closure of
high-severity events.
* Update and follow incident response playbooks aligned to the OT/ICS threat landscape, including adversary
behaviour in industrial environments.
Reporting & Documentation
* Maintain thorough documentation of all actions taken, follow-ups, escalation history, and case closure
notes within the ticketing system.
* Prepare KPI dashboards, shift handover reports, and contribute to Monthly Service Reports (MSRs) for
assigned customer accounts.
* Support SIEM administration activities including ad hoc reporting and basic troubleshooting.
Shift Operations & Team Collaboration
* Adhere to shift operational standards including ticketing hygiene, SLA adherence, and shift handover
protocols.
* Liaise with internal stakeholders and customer contacts regarding security issues, service updates, and
future recommendations.
* Coordinate with Security SMEs to support the development and tuning of detection rules targeting
adversary activity in ICS/OT domains.
* Support security awareness activities and contribute to internal knowledge-sharing and knowledge base
updates.
* Participate in SOC shift roster management to ensure continuous 24×7 coverage.
* 1-3 years of experience in a Security Operations Centre (SOC) or MSSP environment with 24×7 shift
exposure.
* Demonstrated ability to monitor, triage, and investigate security events in a production SOC environment.
* Hands-on experience with SIEM platforms
* Microsoft Sentinel is essential; Splunk is advantageous.
* Experience working with ticketing platforms such as ServiceNow or JIRA for case handling, alert triage, and
escalation workflows.
Looking to make an IMPACT with yo...
- Rate: Not Specified
- Location: Bangalore, IN-KA
- Type: Permanent
- Industry: Finance
- Recruiter: Schneider Electric
- Contact: Not Specified
- Email: to view click here
- Reference: 122498-en-us
- Posted: 2026-06-16 08:02:50 -
- View all Jobs from Schneider Electric
More Jobs from Schneider Electric
- Postbote für Pakete und Briefe (m/w/d)
- Postbote für Pakete und Briefe (m/w/d)
- F&B Supervisor - Crowne Plaza Carlton
- Journeyperson E&I Technician
- Laboratory Technician
- Verkäufer Postfiliale (m/w/d) in 99441 Magdala in Geringfügigkeit (Minijob)
- Lift Truck Operator
- Surveyor Helper
- Machine Operator
- Production Superintendent - Corrugated
- Product Line Manager - Optical Solutions
- Forklift Driver
- Payroll Specialist
- Furnace Operator - Titanium Metal Making (Albany, OR)
- Furnace Operator - Titanium Metal Making (Albany, OR)
- Accounting & Inside Sales Administrator
- Sortierer für Pakete (m/w/d)
- Apprentice Optician - The Village at Totem Lake
- Advisor - Vinings Jubilee
- Advisor - 69th and 3rd avenue