Job Description:
The role of a Security Analyst/Engineer is to support the security operations of an organization by assisting in the monitoring, detection, and response to security incidents. This position offers a blend of security analysis and engineering tasks.
This role requires a strong understanding of cybersecurity principles, threat landscape, and attack methodologies. The ideal candidate will have proficiency in security tools and technologies such as SIEM, EDR, IDS/IPS, firewalls, and vulnerability scanners.
Key Responsibilities:
* Monitoring security events and alerts from various sources
* Conducting initial analysis of security events to determine their nature and potential impact on the organization
* Collaborating with senior analysts to investigate and respond to security incidents, including malware infections, phishing attempts, and unauthorized access attempts
* Contributing to incident response activities by providing technical assistance during security incidents, including containment, eradication, and recovery efforts
* Documenting incident response procedures, developing post-incident reports, and conducting lessons learned sessions to improve incident handling capabilities
* Implementing proactive measures to enhance incident detection and response capabilities, such as developing playbooks for common attack scenarios
* Supporting the vulnerability management process by assisting in vulnerability scanning, assessment, and remediation efforts
* Helping to prioritize and track the resolution of identified vulnerabilities in systems and applications
* Collaborating with system owners and IT teams to ensure timely patching and mitigation of identified vulnerabilities, leveraging automation and orchestration where possible
* Conducting security assessments and penetration tests to identify weaknesses in systems, applications, and network infrastructure
* Assisting in the administration and configuration of security tools and technologies, such as firewalls, intrusion detection/prevention systems, and endpoint security solutions
* Participating in the evaluation and testing of new security technologies to enhance the organization's security posture
* Optimizing the configuration and tuning of security tools and technologies to improve detection accuracy, reduce false positives, and enhance overall effectiveness
* Evaluating emerging security technologies and solutions, recommending and implementing enhancements to the security toolset based on industry best practices and organizational requirements
* Supporting security awareness and training initiatives by assisting in the development of educational materials and delivering security awareness briefings to staff
Qualifications and Skills:
* Bachelor's degree in Computer Science, Information Security, or a related field
* 3-5 years of experience in a cybersecurity role with progressively increasing responsibilities
* Strong analytical, problem-solving, and decision-making skills
* Effective communication and stakeholder management abilities
* Certifications such as CompTIA Security+, CEH (Certified Ethical Hacker), or equivalent are a plus
* Demonstrated experience in conducting security analysis, incident response, and vulnerability management in a complex environment