Security Analyst

Job Description

Job Summary We are looking for a Security Analyst to join the MakeMyTrip Cybersecurity team and strengthen MMTs defense against evolving cyber threats. This role involves monitoring, analyzing, and responding to security incidents while enhancing our security framework. The ideal candidate should have 4-6 years of experience in Security Operations, with a strong focus on Endpoint Security and network security controls. Hands-on experience with security tools in these areas is essential. Scripting knowledge is preferable, along with a proactive learning attitude, strong problem-solving skills, and a can-do mindset. Key Responsibilities Monitor and analyse security events across endpoints, networks, and cloud environments. Implement and manage security controls using various security technologies. Ensure strong endpoint protection and respond to threats, vulnerabilities, and suspicious activities. Manage and enhance email security to prevent phishing, malware, and other emailbased threats. Work on Zero Trust security principles to enhance access control and identity security. Assist in security incident detection, response, and remediation efforts. Develop and maintain security policies, procedures, and compliance documentation. Collaborate with IT and security teams to strengthen the overall security posture. Automate security processes using Python, PowerShell, or Bash. Stay updated on emerging threats, vulnerabilities, and security technologies. Required Skills & Qualifications 2-6 years of experience in cybersecurity, focusing on endpoint security, network security, and cloud security. Hands-on experience with security tools in areas such as: Endpoint Security: EDR, XDR, Incident Response, malware analysis, threat hunting. Network Security: NAC, firewalls, IDS/IPS, network segmentation, Zero Trust access. Cloud & Web Security: SSE, CASB, Secure Web Gateway, DLP, cloud security posture management Email Security: Email analysis, expertise in email authentication protocols, knowledge of modern email-based cyber threats, and integration of threat intelligence Strong understanding of Zero Trust security models and implementation. Knowledge of security best practices, frameworks, and compliance standards (NIST, ISO 27001, CIS, etc.). Experience in security incident investigation, threat intelligence, and vulnerability management. Scripting knowledge (Python, PowerShell, Bash) is a plus. Familiarity with SIEM tools and log analysis for threat detection. Excellent problem-solving skills and a proactive learning attitude. Strong communication and documentation skills to convey security insights effectively.