1.JD – Security Analyst
Position code: 0003
Position Title: Security Analyst
Department: Cyber Threat Intelligence Centre
Position Type: Permanent, Full Time
Position Band: Mid-Level
Work Status: Full Time
To work as a SOC engineering resource on Secure Logic MSS projects, and to provide support, maintenance and monitoring for the Managed Security Services.
Summary of the Role:
You will be joining a rapidly growing IT security organisation to become part of our global Security Operations Centre team. You will be analysing and responding to security threats, and implementing and maintaining the company's security services.
The successful candidate will have strong analytical and troubleshooting skills, strong security landscape knowledge, solid communication skills and a drive to deliver the best solution for our customers.
Security Analyst (Tier 1, Frontline Fighter)
Being part of a 24x7 security incident response team, including, but not limited to, shift hand-over, operational advice, guidance, support and escalation
Monitoring security audit and intrusion detection system logs for system and network anomalies
Investigating and/or escalating security violations, attempts to gain unauthorised access, virus infections that may affect the network, or any other event affecting security
Managing service requests to ensure contracted service levels are met, and escalating any issues impacting SLAs to management.
Tertiary degree in computer science or 3+ years in a related IT field.
Any of the following qualifications will be regarded favourably:
Security vendor certifications (Cisco, Juniper, Fortinet, etc.)
CISSP certification desired.
Penetration testing certifications desired.
Incident response certifications desired (SANS/GIAC/CERT).
3+ years of relevant experience is required.
Good understanding of security principles and technologies (access control, security protocols, threat and vulnerability management, incident and event management, etc.)
Strong technical understanding of the security landscape (attack vectors, tools, best practices for attack detection and mitigation)
Understanding of security Service Operations processes (Incident and Event Management, Incident Isolation, Classification, and Escalation)
Hands-on experience with security products (firewalls, IPS, VPN, anti-malware and endpoint protection)
Experience reviewing and analysing event data from security devices and enterprise applications such as AV detections, advanced endpoint analysis tools, firewalls, proxies and VPNs
Experience with packet capture tools and analysis of captures
Technical ability to resolve complex incidents and problems, with a focus on security products
Working knowledge of UNIX/Linux operating systems
High level of customer service and ability to comply with Service Management processes
Good written and oral communication skills are required.
Work From Home