Job Title: Cyber Security Analyst
Our Client’s Security Operation Center (SOC) is responsible for monitoring and managing security related events and incidents within the enterprise. Our Security Analysts work closely with our Cloud, IT and Network operations team to resolve complex security problems and improve the overall security posture of Layer3 and its customers.
You will work within the SOC team and administer day-to-day activities such as monitoring and reviewing security incidents, performing vulnerability assessments, incident management and other activities related to security monitoring and response.
- Daily monitor all security logs and events via the SIEM to detect cyber-attacks and other unauthorized activity.
- Triage and analyze security event alerts to determine if the event qualifies as a legitimate security breach.
- Follow standard operating procedures for detecting, classifying, and reporting incidents.
- Create new trouble tickets for alerts that signal an incident and require a higher tier review.
- Assist in responding to security incidents.
- Log all incidents in the incident management system and track to resolution.
- Document lessons learnt for all incidents.
- Perform regular automated vulnerability scans, interpret, and report the results for affected teams and asset owners.
- Verify scan results through manual investigation where needed.
- Track remediation activities and provide remediation assistance where required.
- Ensure vulnerabilities are closed within the defined time limits, and provide input into risk acceptance decisions.
Security Policy Review and Maintenance
- Assist with the preparation of regular reports and the collection of defined metrics.
- Help meet company compliance requirements by supporting internal and external audits, risk assessments and reviews.
- Conduct phishing tests and regular information security awareness training.
- A Bachelor’s degree in Information Technology, Computer Science, or a related degree.
- A minimum of 1-3 years of relevant experience in information security.
- One or more of the following certifications: CEH, CySA+, Security+, CCNA CyberOps, ISO 27001 LI or equivalent certifications.
- Solid understanding of the TCP/IP suite of protocols.
- Familiarity with various information security standards, e.g. ISO 27001, PCI-DSS, NDPR.
- Working knowledge of open source tools such as Nmap, Wireshark, Tcpdump, Metasploit.
- Platform experience with AlienVault USM, Sophos and Nessus is also a bonus.
- Exceptional problem-solving skills.
- Strong documentation and communication skills.
- Sound knowledge of the industry, and an active following of relevant OEMs on social media.
- Ability to drive process improvements and identify gaps.
- Proactive in engaging with customers, client executives and other Engineering units.
- Relevant security certifications will also be an advantage.
CVs are to be sent to email@example.com.