Key Objectives

The Security Analyst will manage the end-to-end operational deployment, verification, incident handling and support of our Customers’ remote managed SIEM solution. This is a technical operational role focused on delivering quality service to our customers.


  • Provide operational and technical support to our customers. (note, candidates will receive training on all Managed Threat Protection tool sets)
  • Serve as a shift leader and point of escalation for level 1 analysts.
  • Oversee completion of day-to-day checklist(s), including log review, management report scheduling & running, alert analysis, and escalation follow up activity status
  • Manage security incident investigation and diagnosis (performs triage on incidents which are reported by the SIEM tool to filter out false positives and known accepted activities)
  • Validate incident containment and remediation recommendations provided to Customers.
  • Ensure all unresolvable cases are passed to the correct team for action as appropriate

Analysts Duties

  • Ensure a high level of quality when managing tickets, requests, and Customer queries
  • Execute Customer on-boarding
  • Capture requirements and prepare Customer SIEM filter & tuning requests
  • Prepare reports & distribute in readiness for Customer tuning calls
  • Arrange & manage client calls (record outputs/actions appropriately)
  • Create scheduled Customer reporting from existing reports, where appropriate
  • Maintain technical knowledge, tool proficiency, and system accesses, which allow you to perform the role
  • Ensure documentation is maintained appropriately on Sharepoint & new documents are created/stored correctly
  • Engage with Customers to build and maintain good, professional relationships
  • Manage operational relationships with all relevant parties


  • Responsible for the application of IT Security Policy, processes & procedures to mitigate risks to our Customers
  • May be required to provide on call emergency support if required by the business.


  • Bachelor’s degree in information systems or three years’ equivalent work experience in Network Security Systems & Operations.
  • Qualified to degree level, equivalent professional experience and/or with recognized technical/security qualifications.
  • Relevant experience and understanding of Network Security Systems & Operations
  • Understanding of system logging, including both Security and non-security logs
  • General knowledge of Linux/Unix and Microsoft Security Logging Policies
  • General knowledge of Network Application Logs Especially Proxies, Web Application Firewalls, and Stateful Firewalls
  • General knowledge of Syslog, SNMP, WMI and the benefits and limitations of each
  • Knowledge of Security management, network, and information security, and end-user security
  • User level experience with UNIX/Linux systems
  • Experience supporting one or more services within a Security Operations Center is a plus

Professional Skills

  • Excellent verbal and written communication skills with the ability to work effectively in a group setting. Consistent and proper communication to Customers, management, and team.
  • Ability to partner with teams such as developers, vendors, analysts, and project managers.


Bangalore, India

Netsurion is an equal opportunity employer. Qualified applicants are considered for employment without regard to race, color, age, national origin, religion, marital status, sex, sexual orientation, gender identity, gender expression, genetics, disability, protected veteran status or any other basis prohibited by applicable law.