ZS is a place where passion changes lives. As a management consulting and technology firm focused on improving life and how we live it , our most valuable asset is our people. Here you'll work side-by-side with a powerful collective of thinkers and experts shaping life-changing solutions for patients, caregivers and consumers, worldwide. ZSers drive impact by bringing a client first mentality to each and every engagement. We partner collaboratively with our clients to develop custom solutions and technology products that create value and deliver company results across critical areas of their business. Bring your curiosity for learning; bold ideas; courage an d passion to drive life-changing impact to ZS.
Our most valuable asset is our people .
At ZS we honor the visible and invisible elements of our identities, personal experiences and belief systems-the ones that comprise us as individuals, shape who we are and
make us unique. We believe your personal interests, identities, and desire to learn are part of your success here. Learn more about our diversity, equity, and inclusion efforts and the networks ZS supports to assist our ZSers in cultivating community spaces, obtaining the resources they need to thrive, and sharing the messages they are passionate about.
ZS Associates is hiring Senior Senior Security Operations Analyst in our Pune, India office. We are seeking candidate with a strong background in Security Information and Event Management (SIEM) platforms, specifically Microsoft Sentinel and Splunk. The ideal candidate will have experience in SIEM migrations, and will be responsible for leading advanced threat detection, response, and monitoring activities. This role will be critical in enhancing our cybersecurity posture and ensuring ZS environment remains secure against emerging threats.
What You'll Do :
- Manage the day-to-day operations of Microsoft Sentinel / Splunk, including rule creation, log ingestion, data analytics, and alert triaging.
- Drive SIEM migration efforts, including planning, implementation, and post-migration optimization.
- Develop and tune detection rules, use cases, and analytics within Sentinel to improve threat visibility and detection capabilities.
- Perform proactive threat hunting to identify and mitigate advanced threats.
- Conduct in-depth incident investigations and coordinate response efforts to ensure swift remediation.
- Collaborate with internal stakeholders and the Threat Intelligence team to identify and mitigate potential security threats.
- Generate reports and dashboards to communicate SOC performance metrics and security posture to leadership.
- Continuously improve SOC processes and playbooks to streamline operations and response efforts.
- Mentor junior SOC analysts and provide guidance on security best practices.
- This role requires participation in a rotational shift.
- Flexibility and availability to respond to urgent incidents outside of assigned shifts as needed.
What You'll Bring :
- Bachelor's degree in Cybersecurity, Information Technology, Computer Science, or a related field (or equivalent experience).
- 4+ years of experience in a Security Operations Center (SOC) environment, with a focus on SIEM management.
- Strong hands-on experience with Microsoft Sentinel, including data connectors, KQL queries, analytics rules, and workbooks.
- Experience with SIEM migration.
- Expertise in incident response, threat detection, and security monitoring.
- Solid understanding of Windows, Linux, and cloud security concepts.
- Relevant certifications (e.g., Microsoft Certified: Security Operations Analyst, GCIA, GCIH, OSDA, GCFA) are preferred.
- Preferred Security Cloud Certifications: AWS Security Specialty
- Strong analytical and problem-solving abilities.
- Excellent communication and interpersonal skills to effectively collaborate with cross-functional teams.
- Proven ability to remain calm and efficient under pressure in high-stress environments.
- Proficient in using SIEM tools, such as Microsoft Sentinel and Splunk.
- Experience with data migration strategies across SIEM platforms.
- In-depth understanding of cyber threats, vulnerabilities, and attack vectors.
- Proficient in creating KQL queries and custom alerts within Microsoft Sentinel.
- Expertise in developing SIEM use cases and detection rules.
- Skilled in incident response and management procedures.
- Experienced in conducting deep-dive investigations and root cause analysis for incidents.
- Adept at collaborating with stakeholders to resolve complex cybersecurity challenges.
- Ability to automate routine SOC processes to enhance operational efficiency.
- Experienced in mentoring and guiding junior analysts in security operations.
- Knowledge of major cloud platforms (AWS, Azure, GCP), including their security models, IAM roles, virtual private cloud (VPC) configurations, and cloud-native security tools.
Perks & Benefits:
ZS offers a comprehensive total rewards package including health and well-being, financial planning, annual leave, personal growth and professional development. Our robust skills development programs, multiple career progression options and internal mobility paths and collaborative culture empowers you to thrive as an individual and global team member.
We are committed to giving our employees a flexible and connected way of working. A flexible and connected ZS allows us to combine work from home and on-site presence at clients/ZS offices for the majority of our week. The magic of ZS culture and innovation thrives in both planned and spontaneous face-to-face connections.
Considering applying?
At ZS, we're building a diverse and inclusive company where people bring their passions to inspire life-changing impact and deliver better outcomes for all. We are most interested in finding the best candidate for the job and recognize the value that candidates with all backgrounds, including non-traditional ones, bring. If you are interested in joining us, we encourage you to apply even if you don't meet 100% of the requirements listed above.
To Complete Your Application:
Candidates must possess work authorization for their intended country of employment.
An on-line application, including a full set of transcripts (official or unofficial), is required
to be considered.
NO AGENCY CALLS, PLEASE.
Find Out More At:
www.zs.com
Top Skills
ZS Gurugram, Haryana, IND Office
ZS Delhi (Gurugram) Office
ZS launched its Gurugram office in 2014 with a focus on fostering collaboration, augmenting knowledge and serving their clients in the pharma domain. Since then, ZS has expanded floors in our Gurugram office and opened a second location in Noida.
ZS Noida, Uttar Pradesh, IND Office
ZS Delhi (Noida) Office
14th Floor, BPTP Capital City, Sector 94, Noida, Uttar Pradesh, India, 201301