Information Security Analyst

Intapp is looking for a Tier 2 Cybersecurity analyst with well-versed skills in Incident handling. The candidate will work with Cybersecurity and cross-team to triage, investigate and respond to cybersecurity incidents. 

The working hours for this candidate shall be between 8am local time to 5PM local time, however, if an incident comes up or is escalated then they will need to stay with the incidents until it is handed over to the next on-call team member. 

What you will do: 

•  Continuously review and analyze logs from Microsoft 365, Azure Sentinel, and Microsoft Defender, Network Firewall, Application firewall and other log sources to identify potential security incidents.

• Ensure proper logging and monitoring practices are in place. 

• Evaluate incidents identified by Tier 1 analysts and escalate them as necessary.

• Conduct in-depth analysis and take appropriate actions to contain and remediate threats using Azure Sentinel, Microsoft Defender, Network Firewall and Web application firewall. 

•  Update and monitor existing incidents to ensure they are being addressed in a timely and effective manner.

• Track the progress of incident resolution and provide regular updates to stakeholders. 

• Document and report on security incidents, including detailed analysis and recommendations for improvement.

• Prepare incident reports and post-incident analysis using Microsoft Sentinel Workbooks. 

•  Provide support and guidance to Tier 1 SOC Analysts during their investigations.

• Utilize Azure Sentinel to monitor and analyze security alerts from various sources.

• Use Kusto Query Language (KQL) to create custom queries for advanced threat detection and investigation. 

•  Integrate threat intelligence feeds into Azure Sentinel to enhance detection capabilities.

• Use indicators of compromise (IOCs) to identify affected systems and the extent of attacks. 

• Stay up to date with the latest cybersecurity trends, threats, and technologies.

• Participate in training and development programs to enhance your skills and knowledge. 

you will need:  

• 5+ years of experience in Incident handling role. 

• 8+ years of experience in IT and/or Cybersecurity. 

• Strong knowledge of Microsoft Sentinel, KQL, and Microsoft Defender. 

• Strong knowledge of MITRE framework. 

• Firm knowledge of OWASP-Top 10 vulnerability and attacks. 

• Strong inter-personal communication skills. 

What you'll gain at Intapp: 

Our culture at Intapp emphasizes accountability, responsibility, and growth.  We support each other in a positive, open atmosphere that fosters creativity, approachability, and teamwork. We’re committed to creating a modern work environment that’s connected yet flexible, supporting both professional success and work-life balance. In return for your passion, commitment, and collaborative approach, we offer: 

• Competitive base salary plus variable compensation and equity 

• Generous paid parental leave, including adoptive leave 

• Traditional comprehensive benefits, plus: 

• Generous Paid Time Off 

• Tuition reimbursement plan 

• Family Formation benefit offered by Carrot 

• Wellness programs and benefits provided by Modern Health 

• Paid volunteer time off and donation matching for the causes you care about 

• Opportunities for personal growth and professional development supported by a community of talented professionals 

• An open, collaborative environment where your background and contributions are valued 

• Experience at a growing public company where you can make an impact and achieve your goals 

• Open offices and kitchens stocked with beverages and snacks 

 #LI-ES1

Intapp provides equal employment opportunities to all qualified applicants and will make hiring decisions without regard to race, color, sex, sexual orientation, gender identity or expression, religion, national origin or ancestry, age, disability, marital status, pregnancy, protected veteran status, protected genetic information, political affiliation, or any other characteristic protected by federal, state or local laws. All offers are contingent upon passing a criminal history and other background checks if applicable to the position.

Please note: Intapp will not hire through text message, social media, or email alone. We will never extend a job offer unless you have been contacted directly by an Intapp recruiter and have participated in the interview process which will generally consist of 3 or more virtual or in person meetings. Please note that Intapp only uses company email addresses, which contain “@intapp.com” or “@dealcloud.com” to communicate with candidates via email. Intapp will never ask for financial information of any kind or for any payment during the job application process. We post all legitimate job openings on the Intapp Career Site at https://www.intapp.com/working-at-intapp/. If you believe you were a victim of such a scam, you may contact your local authorities. Intapp is not responsible for any claims, losses, damages, or expenses resulting from scammers.