Security Analyst

Job Summary

We are looking for a Security Analyst to join the MakeMyTrip Cybersecurity team and

strengthen MMTs defense against evolving cyber threats. This role involves monitoring,

analyzing, and responding to security incidents while enhancing our security framework.

The ideal candidate should have 4-6 years of experience in Security Operations, with a strong

focus on Endpoint Security and network security controls. Hands-on experience with security

tools in these areas is essential. Scripting knowledge is preferable, along with a proactive

learning attitude, strong problem-solving skills, and a can-do mindset.

Key Responsibilities

• Monitor and analyse security events across endpoints, networks, and cloud
  
  

environments.

• Implement and manage security controls using various security technologies.
• Ensure strong endpoint protection and respond to threats, vulnerabilities, and
  
  

suspicious activities.

• Manage and enhance email security to prevent phishing, malware, and other emailbased threats.
• Work on Zero Trust security principles to enhance access control and identity
  
  

security.

• Assist in security incident detection, response, and remediation efforts.
• Develop and maintain security policies, procedures, and compliance
  
  

documentation.

• Collaborate with IT and security teams to strengthen the overall security posture.
• Automate security processes using Python, PowerShell, or Bash.
• Stay updated on emerging threats, vulnerabilities, and security technologies.
  
  

Required Skills & Qualifications

• 2-6 years of experience in cybersecurity, focusing on endpoint security, network
  
  

security, and cloud security.

• Hands-on experience with security tools in areas such as:
• Endpoint Security: EDR, XDR, Incident Response, malware analysis, threat
  
  

hunting.

• Network Security: NAC, firewalls, IDS/IPS, network segmentation, Zero
  
  

Trust access.

• Cloud & Web Security: SSE, CASB, Secure Web Gateway, DLP, cloud
  
  

security posture management

• Email Security: Email analysis, expertise in email authentication
  
  

protocols, knowledge of modern email-based cyber threats, and

integration of threat intelligence

• Strong understanding of Zero Trust security models and implementation.
• Knowledge of security best practices, frameworks, and compliance standards
  
  

(NIST, ISO 27001, CIS, etc.).

• Experience in security incident investigation, threat intelligence, and vulnerability
  
  

management.

• Scripting knowledge (Python, PowerShell, Bash) is a plus.
• Familiarity with SIEM tools and log analysis for threat detection.
• Excellent problem-solving skills and a proactive learning attitude.
• Strong communication and documentation skills to convey security insights
  
  

effectively.

---