Job description:
Position Summary
The Security Operations Analyst is a pivotal role in safeguarding the organisation's digital infrastructure. The candidate's mission is to protect all our digital assets from cyber threats.
Key Responsibilities
The Security Operations Analyst will be part of the team that deliver the following key responsibilities:
- Security Event Monitoring
- Review security logs, alerts, and system events to detect anomalies or signs of unauthorised access.
- Analyse logs from firewalls, intrusion detection/prevention systems, and other security tools to identify patterns or security behaviour.
- Prioritise and investigate security incidents based on severity and impact.
- Adjust alert thresholds to reduce false positives and improve detection accuracy.
- Monitor user activity for deviations from normal behaviour.
- Malware Analysis and Email Security
- Assess and respond to malware incidents.
- Ensure that malware has been thoroughly eradicated from end-points and no lateral movement has occurred.
- Investigate suspicious emails and phishing attempts.
- Threat Detection and Analysis
- Analyse logs, network traffic, and security data to detect and respond to cyber threats.
- Search for indicators of compromise or signs of advanced persistent threats.
- Collaborate with incident response teams to mitigate risks promptly.
- Security Tools Operations
- Configure, monitor and maintain various security tools to ensure up-to-date protection
- Conduct regular vulnerability scans
- Manage Identify Access Management systems
- Assist in providing complete and thorough responses to external and internal audit RFIs.
- Incident Response and Mitigation
- Execute incident response procedures during security incidents.
- Coordinate with cross-functional teams to contain and remediate threats.
- Produce post-incident reviews and identify areas for improvements.
- Cyber Threat Intelligence
- Stay informed about emerging threats and vulnerabilities.
- Leverage threat intelligence sources to enhance our security posture.
- Operational Readiness
- Participate in cyber exercises and simulations to improve readiness.
- Advocate for security
Requirements
- Diploma or degree in Computer Science, Computer Engineering or Information Security related fields.
- At least 3 years of working experience in IT Security Operations and Security Operations Centre.
- Relevant certifications such as CISSP, CISM, GSOM, SSCP, CASP+, GCIH will be a significant advantage.