Position Overview

Join Diligent’s world-class Security Operations team, where your work directly protects our people, data, and global operations. As a Staff Security Operations Analyst, you’ll play a critical role on the front lines — detecting, investigating, and responding to the threats that matter most.

Our mission is simple but vital: safeguard the confidentiality, integrity, and availability of information for our customers, employees, and the business. You’ll work in a high-impact environment where every action strengthens Diligent’s security posture and resilience. In this role, you’ll lead complex investigations, drive threat detection improvements, and guide our response to security incidents across a diverse global environment. You’ll also collaborate with some of the most talented professionals in security — influencing strategy, mentoring others, and helping shape how Diligent defends its systems and people. The shift pattern for this role is Mon-Fri 7am-3.30pm IST.

Key Responsibilities

• Independently drive end-to-end investigation and incident response for complex incidents (including collaboration, documentation, collaboration, and driving next steps and lessons learned).
• Collaborate with Managed Detection and Response providers to monitor for and investigate security alerts for threats to the confidentiality and integrity of key systems and data.
• Utilize threat intelligence sources to enhance detection capabilities and conduct proactive threat hunting.
• Evaluate current and prospective security tools to enhance the Diligent's overall security readiness.
• Collaborate effectively with cross-functional teams and stakeholders across the globe.
• Lead cross-functional initiatives to design and implement security measures to enhance Diligent’s security posture.
• Influence technical direction for the team and serve as a reliable point of technical escalation.
• Mentor junior and mid-level staff, participate in team and cross-functional interviews, and provide meaningful feedback.
• Consistently influence guidelines and operating practices of the team​.

Required Experience/Skills

• 7+ years of information security experience or the equivalent combination of education, technical training, or work experience.
• 3+ years leading security investigations and handling security incidents, especially as part of a dedicated Incident Response team.
• Strong interpersonal skills with the ability to easily and effectively interact with and support both technical and non-technical staff, at all levels, in both written and verbal forms.
• Strong decision-making capabilities, with a proven ability to weigh the relative costs and benefits of potential actions and identify the most appropriate one.
• Prior success in complex situations requiring one to react quickly, decisively, and deliberately.
• Expertise in key security operations and cloud security technologies including EDR, SIEM, CNAPP, and vulnerability scanners.
• Expertise in log analysis and threat hunting.
• Success leading complex, cross-functional initiatives and helping others work on the components thereof​.
• Writing scripts to automate processes or gather data using tools such as PowerShell, Bash, Python, SQL, etc.
• Working with regulatory compliance and information security management frameworks (e.g., ISO 27000, COBIT, NIST 800-53, MITRE ATT&CK, etc.).
• Strong understanding in the following areas (demonstrated expertise in one or more of the following areas preferred):
• Threat activity, including actors, motivations, TTPs, intelligence sources, etc.
• Networking concepts and protocols such as TCP/IP, DNS, VPN, firewalls, IDS/IPS, etc.
• Identification, authentication, and authorization concepts and protocols such as Active Directory, IDPs, OIDC, OAuth, RBAC, SAML, MFA, etc.
• Public cloud resources and concepts such as virtual machines, containers, images, serverless functions, roles, policies, APIs, etc.
• Prior experience with one or more of the following:
  • Working in an application security, cloud security, or security operations center role.
  • Building, tuning, and maintaining detections for a SIEM or alerting system.
  • Writing technical runbooks for alert investigation and incident response.

Preferred Experience/Skills

• Prior experience handling security incidents involving public cloud resources (especially AWS) and custom-developed software solutions or products.
• Advanced security certification focusing on incident response or cloud security such as GCFA, GCFR, GCIH, GEIR, CCSP, AWS Certified Security – Specialty, etc.