Security Analyst

Threat Hunting & Incident Response Pune, India

What We Do
Managing cyber risk, together – Today the modern enterprise is an Enterprise of Things. We are on a mission to secure the Enterprise of Things with active defense by identifying, segmenting, and enforcing compliance of every connected thing in a real-time and at scale. Our unified security platform enables enterprises and government agencies to focus on Zero Trust segmentation, IT/OT convergence, and OT/ICS innovation, all supporting our mission and vision.
Join us as we secure the world with our products. We are looking for resourceful individuals to collaborate as one team while ensuring a world-class customer experience. We are cyber-obsessed about addressing the world’s most challenging security problems. Innovation starts here, everyone’s ideas are valued, visionaries welcomed!
We are currently seeking a Security Operations Center Analyst to join a growing security team. We are looking for highly talented people with a passion for cybersecurity, problem solving, and partnering with customers as part of a cohesive team. The ideal candidate will have a strong background in IT security and is comfortable with both customer-facing and security implementation roles.
What You Will Do
  • Detection, monitoring, analysis, resolution of security incidents; participate in providing containment and recommendations.
  • Coordinate escalations to external client support teams to ensure timely delivery of incident resolutions.
  • Perform network/system/application/log intrusion detection analysis and trending.
  • Contribute in tuning of the SIEM filters and correlation rules to continuously improve detection
  • Participate in the security incident handling efforts in response to a detected incident, and coordinate with other stakeholders and clients.
  • Ensure that Service Level Agreements are met.
  • Maintain standard operating procedures, processes and guidelines.
  • Contribute to automate analysis and investigative functions / tasks, administration and remediation procedures, workflows and other operational tasks.
  • Maintain awareness of trends in security regulatory, technology, and operational requirements
  • Shift rotation will be required for this role.
  • The Security Analyst is responsible for the security analysis, incident classification, investigation and incident response actions including notification and alerting.
  • Through the correlation rules and use-cases in the monitoring platform, you will Monitor customer environments for possible security incidents, using knowledge of attack types and standard protocol behaviour to classify incidents, comment, and provide advice on mitigation or remedial actions.
  • Identification of incidents and subsequent analysis and investigation to determine their severity and the response required.
  • Ensure that incidents are correctly reported and documented.
  • Be prepared to provide a Technical Escalation Point during security incidents, establishing the extent of an attack, the business impacts, and advising on how best to contain the incident along with advice on systems hardening and mitigation measures to prevent a reoccurrence.
  • Maintain a keen understanding of evolving threats and vulnerabilities to ensure the security of the client network.
  • As required update Protective Monitoring/SOC documentation, processes and procedures.
  • Support, troubleshoot, configure, manage, and upgrade FW, NIDPS, UTM, VPN, WAF and a wide variety of other security products.
What You Will Bring
  • Graduate with a degree from a recognized university with specialization in Computer Sciences or any other discipline, combined with 2-8 years of directly related practical experience and demonstrated ability to carry out the functions of the job.
  • Strong experience of any SIEM platform (ELK, Splunk, QRadar, ArcSight, LogRhythm, RSA, etc.)
  • Thirst for knowledge, inquisitive nature, keen interest in actively participating in SOC expansion.
  • Experience working in an IT Security Operations Center, using SANS methodology.
  • Experience and extensive knowledge of Security Information Event Management.
  • Strong network security knowledge including firewalls, IPS/IDS, WAF, NAC platforms from different vendors.
  • Working knowledge or hands-on experience in endpoint security detection & response technologies and platforms (AV, EDR, MDR, XDR, families).
  • Experience in Intrusion Detection or Prevention Systems.
  • Strong Knowledge of: TCP/IP, computer networking, routing and switching.
  • Experience in Linux and Windows based devices at the System Administrator level.
  • System log forensics (Syslog, Event Viewer).
  • EC Council: C|HFI, ECAS or SANS: GIAC, GCFA, GCIH, GREM or other certifications are preferred.
  • Strong troubleshooting, reasoning and problem solving skills.
  • Ability and experience in writing clear and concise technical documentation.
  • Knowledge of: Strong Authentication, End Point Security, Internet Policy Enforcement, Firewalls, Web.
  • Content Filtering, Database Activity Monitoring (DAM), Public Key Infrastructure (PKI), Data Loss Prevention.
  • (DLP), Identity and Access Management (IAM) solutions.
  • Knowledge of Forescout suite of security tools.
  • Experience with Linux, Windows and Network Operating Systems required.
  • Strong working knowledge of Routing and Access Control Devices required.
What Forescout Offers You
Managing cyber risk, together – We are led by a visionary leadership team who encourages professional growth and development. We promote a diverse and inclusive culture providing for a collaborative and innovative environment where our team can make an impact on worldwide security while working on technology which is at the forefront of the industry. We are also proud of our competitive compensation and benefits offered. If you have a strong work ethic, are visible and lean in, you will be recognised. We are in growth mode and there is a ton of opportunity at Forescout. Apply now to find out more!
More About Forescout
Forescout Technologies, Inc. delivers automated cybersecurity across the digital terrain, maintaining continuous alignment of customers’ security frameworks with their digital realities, including all asset types – IT, OT, IoT, IoMT. The Forescout Continuum Platform provides complete asset visibility, continuous compliance, network segmentation and a strong foundation for Zero Trust. For more than 20 years, Fortune 100 organisations and government agencies have trusted Forescout to provide automated cybersecurity at scale. Forescout arms customers with data-powered intelligence to accurately detect risks and quickly remediate cyberthreats without disruption of critical business assets. Learn more at
Our Mission
To continuously identify, protect, and ensure the compliance of all cyber assets across the modern organization.
Our Vision
A world where every cyber asset is seen, secure and compliant.
Our Cultural Values
  • One Team – We all work together, and we all win together.
  • Cyber Obsessed – We are curious about technology, innovative and passionate about solving problems.
  • Customer Driven – We listen, we learn, and we make it right.
  • Relentless – We're smart, determined, and find a way. We figure stuff out.
  • Collaborative, without Ego – No one succeeds alone. We strive to be the humble person that people want to work with.
Our DEI Statement
At Forescout, we are committed to fostering a diverse, equitable, and inclusive workplace. We believe that diversity of background, experiences, and perspectives leads to innovation, creativity, and better decision making. We strive to create an environment where all team members feel valued, respected, and empowered. We actively promote equal opportunities and fair treatment for all individuals, regardless of their race, ethnicity, gender, sexual orientation, religion, disability, or any other characteristic protected by law. By embracing Diversity, Equity, and Inclusion, we aspire to build a successful culture where we work together and win together as One Team.
Thank you for taking the time to learn more about us.  
If this opportunity intrigues you, we would love for you to apply!
NOTE TO EMPLOYMENT AGENCIES: We value the partnerships we have built with our preferred vendors. Forescout does not accept unsolicited resumes from employment agencies.All resumes submitted by employment agencies directly to any Forescout employee or hiring manager in any form without a signed Employment Placement Agreement on file and search engagement for that position will be deemed unsolicited in nature.No fee will be paid in the event.

Forescout Technologies is proud to be an Equal Employment Opportunity Employer. We value and embrace diversity, equality, inclusion, and collaboration at the core of our “One Team” philosophy. We do not discriminate based on race, religion, color, national origin, gender (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender identity, gender expression, age, status as a protected veteran, status as an individual with a disability, or other applicable legally protected characteristics.