Cyber Security Analyst
Technology and Computer-related
- Manage day to day activity of the Analyst team providing supervision and review of the Analysts output
- Report into the L3 experts and provide verbal and written reports of activity within the team
- Ensure timely accurate communications of alerts to internal and external teams regarding intrusions and compromises to On-boarded Entity network infrastructure, applications and operating systems
- Assist On-boarded Entity response teams with the implementation of counter-measures or mitigating controls
- Make recommendations to improve operational effectiveness and efficiency within SOC.
- Monitor and analyses Alarms escalated from L1 team
- Collect, correlate and analyze different sources of information including information from Intrusion Detection Systems (IDS), Anomaly Detection Systems (ADS), Firewall event logs, Security Incident and Event Management (SIEM) toolset event logs, Systems logs, to identify security attacks and threats.
- Assist in Incident Response activities for large organizations; work with other security analysts (internal and external) to identify various malicious threats in the monitored environments.
- Review attack information from other analysts in preparation for release to or onward review.
- Recognize potential, successful, and unsuccessful intrusion attempts and compromises thorough reviews and analyses of relevant event detail and summary information.
- Assist L3 in creating use cases for new content, or recommendations on existing content.
- Ensure timely accurate communications of alerts to different stakeholders in the monitored organization.
- Assist L3 analysts with the implementation of counter-measures or mitigating controls.
- Respond to escalations, or will escalate if required as per the agreed processes.
- Candidate Profile:
- Management skills with 7+ years of career experience in the ICT field
- Leadership experience in either government or private sector organizations having operational expertise in day to day SOC and wider cyber security areas
- Individual can execute a complex task as a lone resource or lead an ICT-related team effectively as a mid-level manager. The position will require the ability to identify and defend against malicious cyber activity on multiple heterogeneous networks using both network and host-based cyber data
- Some commercial technologies being used may include systems from Palantir, EndGame, CarbonBlack, FireEye and RSA. Experience with these technologies will be considered an asset
- The ideal candidate should hold a post-secondary degree in Computer or Electrical Engineering, Computer Science or a related field and have hands-on work experience in a national-level SOC environment