Skills required for Cybersecurity Analyst in India (2026)
Cybersecurity Analyst roles in India in 2026 require networking and operating-system fundamentals (you cannot defend what you do not understand), threat-landscape literacy mapped to MITRE ATT&CK, vulnerability management with tools like Nessus or Qualys, SIEM experience, and a working knowledge of the incident-response process. India-specific context matters: the DPDP Act 2023 and its 2025 rules, CERT-In's 6-hour incident-reporting mandate, and RBI/SEBI cyber frameworks appear directly in BFSI interview questions. Cloud security skills (AWS/Azure misconfigurations, identity attacks) are the strongest growth area in Indian postings.
This page lists what Cybersecurity Analyst postings ask for in general. Paste a real job posting and your CV, and we will show your exact gaps — requirement by requirement, with a free course path and certificate for each one.
Must-have skills for a Cybersecurity Analyst
The skills Indian employers screen for in 2026, and why each one is asked.
| Skill | Why it matters |
|---|---|
| Networking fundamentals (TCP/IP, DNS, HTTP, TLS) | Most attacks traverse the network; reading a packet capture is a baseline interview test. |
| Operating-system security (Windows AD + Linux) | Active Directory attacks (Kerberoasting, pass-the-hash) dominate Indian enterprise incidents and interviews. |
| MITRE ATT&CK framework fluency | The shared vocabulary of detection and response — interviewers map every scenario question to it. |
| Vulnerability management (Nessus/Qualys, CVSS, patching workflow) | The bread-and-butter analyst function at services firms and GCCs; prioritisation judgement gets tested. |
| SIEM fundamentals (Splunk or Microsoft Sentinel) | Log investigation is the daily core; writing a basic detection query is a practical round. |
| Incident response process (NIST lifecycle, containment decisions) | Scenario interviews walk you through a live compromise and score your sequencing. |
| Web application security (OWASP Top 10) | India's IT-services clients demand secure-SDLC awareness; XSS/SQLi/IDOR identification is standard. |
| Identity attacks and defence (MFA bypass, phishing, token theft) | Identity is the modern perimeter; most 2025–26 breaches started with credentials. |
| Cloud security basics (IAM misconfigurations, public storage, logging) | The fastest-growing JD requirement as Indian enterprises move regulated workloads to cloud. |
| Scripting basics (Python or PowerShell) | Log parsing and IOC sweeps need automation; pure point-and-click analysts plateau early. |
| Indian regulatory context (DPDP Act, CERT-In directives, RBI guidelines) | BFSI interviewers ask directly about the 6-hour CERT-In reporting window and DPDP obligations. |
Nice-to-have skills
- Threat intelligence and OSINT tradecraft
- EDR tooling depth (CrowdStrike, Microsoft Defender for Endpoint)
- Basic malware triage (static analysis, sandboxing)
- Purple-team exercises and attack simulation
- GenAI for security: LLM-assisted triage and its failure modes
Tools and platforms to know
Certifications that help
- CompTIA Security+
- Certified Ethical Hacker (CEH) — heavily requested by Indian employers
- Microsoft SC-200 (Security Operations Analyst)
- ISC2 Certified in Cybersecurity (CC), later CISSP
Typical interview topics
- A user reports a phishing email — walk through your full response
- Explain Kerberoasting and how you would detect it
- CVSS 9.8 vulnerability on 400 servers: triage and prioritisation plan
- TLS handshake and what an attacker can/cannot see
- OWASP: how SQL injection works and layered prevention
- Ransomware detonated on one endpoint — first 60 minutes
- DPDP Act and CERT-In reporting: what must happen within 6 hours?
- Read these proxy logs: identify the C2 beacon
Frequently asked questions
What skills are required to become a Cybersecurity Analyst in India?
Cybersecurity Analyst roles in India in 2026 require networking and operating-system fundamentals (you cannot defend what you do not understand), threat-landscape literacy mapped to MITRE ATT&CK, vulnerability management with tools like Nessus or Qualys, SIEM experience, and a working knowledge of the incident-response process. India-specific context matters: the DPDP Act 2023 and its 2025 rules, CERT-In's 6-hour incident-reporting mandate, and RBI/SEBI cyber frameworks appear directly in BFSI interview questions. Cloud security skills (AWS/Azure misconfigurations, identity attacks) are the strongest growth area in Indian postings. The must-have skills employers screen for are: Networking fundamentals; Operating-system security; MITRE ATT&CK framework fluency; Vulnerability management; SIEM fundamentals; Incident response process.
How long does it take to become a Cybersecurity Analyst?
From an IT, networking, or sysadmin background, 6–9 months: security fundamentals (Security+ scope), hands-on SIEM practice (free Splunk/Sentinel labs), TryHackMe/Hack The Box defensive paths, and incident-response frameworks. From zero, 12–18 months — employers consistently reject candidates with certificates but no demonstrable lab work.
Which certifications help you get a Cybersecurity Analyst job in India?
The certifications most often named in Indian Cybersecurity Analyst job postings are: CompTIA Security+; Certified Ethical Hacker (CEH) — heavily requested by Indian employers; Microsoft SC-200 (Security Operations Analyst); ISC2 Certified in Cybersecurity (CC), later CISSP. Certifications get you past screening — pair them with demonstrable hands-on projects, because interviews test applied skill, not credentials.
What topics are asked in Cybersecurity Analyst interviews?
Typical Cybersecurity Analyst interview rounds in India cover: A user reports a phishing email — walk through your full response; Explain Kerberoasting and how you would detect it; CVSS 9.8 vulnerability on 400 servers: triage and prioritisation plan; TLS handshake and what an attacker can/cannot see; OWASP: how SQL injection works and layered prevention; Ransomware detonated on one endpoint — first 60 minutes.