Proofpoint Security Analyst

• Perform L1 triage of Proofpoint-generated alerts and incidents, including phishing, malware, spam, and email impersonation threats.
• Analyze suspicious emails, URLs, and attachments using Proofpoint and supporting security tools.
• Classify incidents based on severity, impact, and risk, and escalate to L2/L3 teams when required.
• Conduct basic Splunk log analysis to correlate email security events and identify patterns or anomalies.
• Use SOAR tools (e.g., XSOAR) to execute playbooks, assist in incident response workflows, and support automation.
• Perform initial investigation, documentation, and incident tracking as per SOC processes.
• Support threat containment actions such as email quarantine, user notifications, and IOC validation.
• Maintain accurate incident records and provide clear handovers and reports.
• Adhere to security policies, SLAs, and operational procedures.

• 3-4 years of experience in Security Operations, SOC, or Email Security roles.
• Strong understanding of email security concepts, including:

• Phishing, spear phishing, BEC
• Malware delivery via email
• Spoofing, impersonation, and domain abuse
• Hands-on experience with Proofpoint Email Protection (alert triage, incident investigation).
• Working knowledge of Splunk for basic log searches, filtering, and analysis.
• Familiarity with SOAR platforms, preferably Cortex XSOAR.
• Ability to follow playbooks, SOPs, and escalation workflows effectively.
• Good analytical and troubleshooting skills with attention to detail.

• Engineering degree (B.E./B.Tech) or equivalent

• Proofpoint-related certifications (if available)
• Security certifications such as:

• CEH
• Security+
• GSEC
• SOC Analyst-focused certifications
• Splunk Fundamentals or equivalent (preferred)

• Strong written and verbal communication skills
• Ability to work in a fast-paced SOC environment
• Good documentation and reporting skills
• Team-oriented mindset with a proactive approach to learning

Sony India Software Centre