Threat Analyst

IndiaFull-timePosted Jul 14, 2026
Apply

This position is listed on behalf of a partner company, who manages all applications and next steps. Our partner is looking for a Threat Analyst based in India.

This role offers an exciting opportunity to work at the forefront of cybersecurity, protecting organizations from sophisticated and evolving cyber threats. As part of a global Managed Detection and Response environment, you will investigate security incidents across endpoint, network, cloud, and identity ecosystems while contributing to proactive threat hunting and incident response initiatives. You will collaborate with experienced security professionals, gain exposure to real-world attack scenarios, and help strengthen clients' security postures through advanced analysis and remediation guidance. The position is ideal for analytical professionals who thrive in fast-paced environments and are passionate about cyber defense, threat intelligence, and continuous learning. With access to cutting-edge technologies and a collaborative remote-first culture, this role provides significant opportunities for professional growth and technical development.

This position is listed on behalf of a partner company, who manages all applications and next steps. Our partner is looking for a Threat Analyst based in India.

This role offers an exciting opportunity to work at the forefront of cybersecurity, protecting organizations from sophisticated and evolving cyber threats. As part of a global Managed Detection and Response environment, you will investigate security incidents across endpoint, network, cloud, and identity ecosystems while contributing to proactive threat hunting and incident response initiatives. You will collaborate with experienced security professionals, gain exposure to real-world attack scenarios, and help strengthen clients' security postures through advanced analysis and remediation guidance. The position is ideal for analytical professionals who thrive in fast-paced environments and are passionate about cyber defense, threat intelligence, and continuous learning. With access to cutting-edge technologies and a collaborative remote-first culture, this role provides significant opportunities for professional growth and technical development.

Accountabilities:

    • Investigate and analyze escalated security alerts and incidents across endpoint, network, cloud, and identity environments to identify malicious activity and determine appropriate response actions.
    • Conduct structured incident investigations to establish root causes, assess attack scope, identify lateral movement, and evaluate potential business impact.
    • Support ransomware investigations by analyzing attacker behaviors, persistence mechanisms, credential abuse techniques, and malware activity.
    • Perform malware analysis and deobfuscation of suspicious scripts and files to uncover indicators of compromise and adversary tactics.
    • Execute proactive threat hunting activities based on emerging intelligence, threat hypotheses, and evolving attack techniques.
    • Investigate suspicious authentication events, privilege escalation attempts, and identity-related security incidents.
    • Analyze security events across both Windows and Linux environments, including system logs, processes, and endpoint telemetry.
    • Correlate information from multiple data sources, including EDR platforms, SIEM solutions, cloud environments, and identity management systems.
    • Document investigative findings, provide clear remediation recommendations, and communicate effectively with internal stakeholders and clients.
    • Collaborate with senior analysts during complex or high-severity incidents and contribute to improving detection capabilities, playbooks, and response processes.
    • Participate in a rotational schedule supporting a 24/7/365 security operations environment.
    • Requirements

      • 4–6 years of experience in Security Operations Centers (SOC), Managed Detection and Response (MDR), Incident Response, or related cybersecurity operations roles.
      • Hands-on experience investigating endpoint and network security incidents using EDR and SIEM technologies.
      • Strong understanding of ransomware attack methodologies, intrusion techniques, and adversary behaviors.
      • Experience performing investigations across Windows and Linux systems, including log analysis and process examination.
      • Practical experience with malware analysis, script deobfuscation, and identifying malicious behaviors.
      • Familiarity with the MITRE ATT&CK framework and adversary tactics, techniques, and procedures (TTPs).
      • Knowledge of Windows Event Logs, Linux logging systems, Active Directory fundamentals, and identity-related security investigations.
      • Understanding of cloud security concepts and identity threat scenarios, including suspicious authentication activity and privileged account misuse.
      • Ability to analyze network traffic and protocols, including TCP/IP, DNS, and HTTP/S.
      • Scripting and automation skills are required, particularly with PowerShell and Python; knowledge of additional programming languages is advantageous.
      • Strong analytical thinking, troubleshooting capabilities, and attention to investigative detail.
      • Excellent written and verbal communication skills with the ability to produce clear technical documentation.
      • Bachelor's degree in Information Technology, Computer Science, Cybersecurity, or a related field, or equivalent professional experience.
      • Industry certifications such as Security+, CySA+, GCIH, or equivalent certifications are considered a strong advantage.
      • Ability to manage multiple investigations simultaneously in a dynamic and fast-paced environment.
      • Benefits

        • Remote-first working model providing flexibility and improved work-life balance.
        • Opportunity to work with advanced cybersecurity technologies and real-world threat investigations.
        • Exposure to global cybersecurity operations and collaboration with highly experienced security professionals.
        • Inclusive and diverse workplace supported by employee-led communities and advocacy networks.
        • Professional development opportunities and continuous learning within a rapidly evolving industry.
        • Global wellbeing initiatives, including wellness days, webinars, and employee support programs.
        • Participation in charity events, volunteering initiatives, and sustainability programs.
        • Engaging company culture featuring global fitness challenges, team activities, and knowledge-sharing opportunities.
        • Supportive and collaborative environment that values innovation, diversity, and career growth.
How Jobgether works: We use an AI-powered matching process to ensure your application is reviewed quickly, objectively, and fairly against the role's core requirements. Our system identifies the top-fitting candidates, and this shortlist is then shared directly with the hiring company. The final decision and next steps (interviews, assessments) are managed by their internal team. We appreciate your interest and wish you the best!  Why Apply Through Jobgether?    Data Privacy Notice: By submitting your application, you acknowledge that Jobgether will process your personal data to evaluate your candidacy and share relevant information with the hiring employer. This processing is based on legitimate interest and pre-contractual measures under applicable data protection laws (including GDPR). You may exercise your rights (access, rectification, erasure, objection) at any time.     #LI-CL1

Want jobs like this matched to you?

Swoopd scores fresh postings against your résumé so you only see the matches that matter.

Get started free