Security Operations Analyst II

Collaborate with global teams in a dynamic Security Operations Center while managing security incidents and proactively hunting for threats to protect payment processing infrastructure.

Why Choose Bottomline?

Are you ready to transform the way businesses pay and get paid? Bottomline is a global leader in business payments and cash management, with over 35 years of experience, moving more than $16 trillion in payments annually. We're looking for passionate individuals to join our team and help drive impactful results for our customers. If you're dedicated to delighting customers and promoting growth and innovation, we want you on our team!

POSITION SUMMARY 

The Security Operations Analyst II is an exciting role within our global Security Operations Center, providing security monitoring, incident analysis, and coordinated response to protect payment processing infrastructure. Based in India, this position delivers critical coverage during India business hours as part of our follow-the-sun model, bridging US and EU teams across time zones. 

This role requires strong technical proficiency, clear communication for global coordination, and the ability to independently manage security incidents from detection through resolution. The right candidate brings proven investigative skills and solid operational instincts -- ready to contribute meaningfully while learning the nuances of our environment through hands-on training and shadowing. 

KEY RESPONSIBILITIES 

Security Monitoring and Analysis 

  • Monitor SIEM platforms, EDR tools, and network security appliances for indicators of compromise and anomalous activity 
  • Triage, investigate, and respond to security alerts -- distinguish true positives from noise through analysis of logs, network traffic, endpoint telemetry, and threat intelligence 
  • Monitor report mailboxes and escalation queues; assess priority and pivot to investigation or response as needed 
  • Conduct proactive threat hunting to identify threats that evade automated detection 
  • Collaborate with IT, network engineering, and application teams during triage to gather context and coordinate response 

Incident Response and Coordination 

  • Serve as incident coordinator during assigned shifts, orchestrating response across distributed global teams 
  • Execute containment, eradication, and recovery actions per established playbooks 
  • Coordinate with US and EU personnel during incident handoffs with clear, comprehensive briefings 
  • Engage stakeholders to facilitate system isolation, evidence collection, and remediation 
  • Document incident timelines, actions, and lessons learned per compliance requirements 
  • Escalate critical incidents to senior leadership with situation assessments and recommended actions 

Global Operations and Process Improvement 

  • Provide seamless follow-the-sun coverage, participating in daily global SOC briefings 
  • Collaborate with security engineering to tune detection rules and reduce false positives 
  • Refine playbooks, procedures, and documentation based on operational experience 
  • Stay current with emerging threats and industry best practices in financial services security 

QUALIFICATIONS 

Experience 

  • 3-5 years in security operations with progression from junior to intermediate responsibilities 
  • Minimum 2 years hands-on incident investigation and response in enterprise environments 
  • Experience in global or distributed SOC teams with cross-timezone coordination 
  • Financial services, payment processing, or regulated industry background preferred 

Technical Skills 

  • Strong SIEM proficiency (Splunk, QRadar, Sentinel, or similar) including query development 
  • EDR experience (CrowdStrike, Carbon Black, Defender, or SentinelOne) 
  • Network protocol knowledge (TCP/IP, DNS, HTTP/S) and packet analysis skills 
  • Windows and Linux investigation techniques; scripting ability (Python, PowerShell, or Bash) 
  • Familiarity with MITRE ATT&CK and common attacker TTPs 

Education and Certifications 

  • Bachelor's degree in Computer Science, Cybersecurity, or related field; equivalent experience considered 
  • Security certifications (Security+, GCIH, CEH) valued; advanced certs (GCIA, GCFA, CISSP) a plus 

Preferred 

  • Cloud security monitoring experience (AWS, Azure, or GCP) 
  • SOAR platform experience; threat intelligence integration 
  • Digital forensics background; PCI DSS familiarity 

CORE COMPETENCIES 

  • Technical Excellence: Thorough investigations and sound conclusions under pressure 
  • Communication: Exceptional written and verbal English for global coordination and documentation 
  • Critical Thinking: Synthesizes information from multiple sources; identifies complex attack patterns 
  • Self-Direction: Works independently with sound judgment on when to escalate 
  • Collaboration: Partners effectively across teams, time zones, and cultures 

REPORTING STRUCTURE 

Direct Reporting: Senior Manager, Security Operations 

WORKING CONDITIONS 

This position operates within a 24/7 global Security Operations Center environment based in India, providing coverage that overlaps with US East Coast, US West Coast, and European security teams. Standard working hours align with India business hours (9:00 AM to 6:00 PM IST) with flexibility required for incident response, global team coordination, and critical maintenance activities. The analyst must be available for on-call rotation to support after-hours critical incidents. 

New hires will receive structured onboarding including training and shadowing to learn our specific environment, tooling, and operational procedures. 

This job description conveys information essential to understanding the scope of the position and is not an exhaustive list of skills, efforts, duties, responsibilities, or working conditions associated with it. Management reserves the right to modify, add, or remove duties as necessary.

We welcome talent at all career stages and are dedicated to understanding and supporting additional needs. We're proud to be an equal opportunity employer, committed to creating an inclusive and open environment for everyone.
