CDC Analyst

BH-331593
  • India Bangalore
  • Permanent
  • IT
Job Title: CDC Analyst
Location: Bangalore, India
Employment Type: Permanent

PURPOSE
To lead global monitoring and response for both cyber and physical security events, ensuring the company is prepared for, and resilient to, all forms of emerging threats.
This role combines advanced Cyber Defense operations with Security and Emergency Management (S&EM) responsibilities, integrating threat intelligence, incident monitoring, and crisis coordination to protect the company's people, assets, and information globally.
You will lead technical analysis, coordinate response across functions, and uplift detection and response maturity within the Cyber Defense Centre (CDC) and S&EM global operations, contributing directly to the company's global resilience strategy.

RESPONSIBILITIES AND ACCOUNTABILITIES
HSEQ

  • Foster psychological safety and calm decision-making during high-pressure cyber and security incidents.
  • Promote fatigue management, healthy shift practices, and a “safe to speak up” culture across global operations.
  • Lead change efforts that build a positive security culture where everyone understands their role in protecting the company's people, assets, and reputation.
LEADERSHIP
  • Act as shift lead and escalation point for high-impact or complex cyber and physical events.
  • Mentor and uplift junior analysts, supporting investigations, playbook execution, and incident reviews.
  • Provide calm, felt leadership during periods of crisis or escalation, ensuring alignment between digital and physical response teams.
  • Drive a culture of ownership, accountability, and structured response within the global, follow-the-sun operating model.
WORK PROCESSES & SYSTEMS
  • Lead investigations across multiple telemetry and intelligence sources (EDR, SIEM, DNS, identity, physical threat intel platforms).
  • Maintain, test, and refine playbooks for cyber incidents, all-hazards monitoring, containment, and escalation.
  • Coordinate incident response and crisis communications in collaboration with the company's Communications Centre.
  • Conduct after-action reviews and contribute to root cause analysis and lessons-learned reporting.
  • Ensure adherence to global governance frameworks, including legislative, HSE, and risk management requirements.
EXCELLENCE
  • Drive continuous improvement across detection, monitoring, and threat analysis processes.
  • Deliver consistent, high-quality shift documentation and containment evidence.
  • Participate in joint simulation and tabletop exercises across Cyber and S&EM to test integrated response and recovery capabilities.
  • Identify monitoring gaps and work with Cyber Engineering, S&EM, and IT teams to improve visibility and control assurance.
TECHNICAL
  • Conduct advanced cyber investigations, including lateral movement analysis, threat hunting, and adversary emulation.
  • Integrate external threat intelligence (ACSC, One-ISAC, Seerist, iSOS) into cyber and physical response workflows.
  • Oversee global all-hazard incident monitoring (TopoOne) and threat intelligence coordination, ensuring actionable insight for risk owners.
  • Coordinate travel security monitoring, executive protection assessments, and event threat analysis as required.
  • Contribute to automation and detection enrichment (SOAR, IOC correlation, Cribl, Sentinel).
KEY ACCOUNTABILITIES
  • Ensure containment and response steps are executed effectively and documented accurately.
  • Coordinate cross-functional crisis and incident management activities in line with the company's S&EM framework.
  • Lead or contribute to the technical response for high-severity incidents and align outcomes with Detection Engineering and Incident Command.
  • Maintain oversight of global intelligence subscriptions and deliver actionable reports to Cyber and S&EM leaders.
  • Uplift global monitoring capabilities to reduce mean time to detect (MTTD) and respond (MTTR).
SKILLS & EXPERIENCE
  • 5–10 years in Security Operations, Incident Response, or Security & Emergency Management within a corporate or government context.
  • Strong technical knowledge of detection and response tooling (Sentinel, Defender, Purview, Seerist, TopoOne).
  • Deep understanding of adversary TTPs (MITRE ATT&CK) and multi-domain threat analysis (cyber and physical).
  • Experience leading or coordinating incident response and crisis management across global operations.
  • Demonstrated ability to mentor, influence, and collaborate across cyber, security, and operational teams.
  • Excellent written and verbal communication, capable of briefing executives and crisis management teams.
  • Familiarity with global travel risk, executive protection, and emergency management frameworks is advantageous.
KEY INTERACTIONS

Internal:
  • Cyber Defense, S&EM, and Infrastructure teams (Perth, Houston, Bengaluru)
  • Risk & Compliance, Legal, HSE, and Corporate Affairs
  • IT and OT Operations, Project and Country Managers
External:
  • Intelligence and monitoring providers (ACSC, One-ISAC, Seerist, iSOS)
  • Product vendors (Microsoft, AWS, Cribl)
  • Government agencies and industry peers (ASD, APGA, CISO Lens)
  • Security and Emergency Management contractors and response partners

If the opportunity matches your skills and you are interested, please share your updated CV at sayali.kothmire@nesfircroft.com

With over 90 years' combined experience, NES Fircroft (NES) is proud to be the world's leading engineering staffing provider spanning the Oil & Gas, Power & Renewables, Chemicals, Construction & Infrastructure, Life Sciences, Mining and Manufacturing sectors worldwide. With more than 80 offices in 45 countries, we are able to provide our clients with the engineering and technical expertise they need, wherever and whenever it is needed. We offer contractors far more than a traditional recruitment service, supporting with everything from securing visas and work permits, to providing market-leading benefits packages and accommodation, ensuring they are safely and compliantly able to support our clients.
