Experience

6+ years of experience in a level 2/3 security analyst role with a focus on incident tirage and leadership.

Responsibilities

• Advanced Incident Triage: Investigate and triage complex and high-severity security events
• Coordinate with cross-functional teams to mitigate threats and close security gaps
• Threat Hunting: Conduct proactive threat hunting to identify advanced threats that bypassed traditional security controls and monitoring
• Analyze threat intelligence to predict potential attacks and inform defense strategies
• Tool and Detection Development: Develop and refine security monitoring tools to improve threat detection
• Create and tune custom detection use cases and alerts to enhance detection capabilities.
• Participate in training programs to stay updated on the latest threats and technologies
• Policy and Strategy Development: Assist in developing and updating SOC policies, procedures, and playbooks
• Collaborate in the strategic planning of cybersecurity posture improvements
• Reporting and Communication: Prepare detailed incident and status reports for senior management and key stakeholders
• Communicate complex security risks and recommendations to non-technical audiences
  
  

Skills

Security Event analysis and tirage, provide strategic guidance and mentoring within the SOC, including advanced threat hunting, incident response leadership.

Incident Detection and Analysis

• Strong understanding of security principles, techniques, and technologies such as firewalls, IDS/IPS, network protocols
• Experience with SIEM tools and understanding of security logs and alert systems
• Ability to correctly investigate, triage and where required, lead formal incident response operations.
• Understanding of the incident response protocol and chain of custody
  
  

Advanced Threat Detection and Response

• Expertise in identifying, investigating, and responding to complex security threats and incidents
• Proficiency in using SIEM tools and platforms at an advanced level for detailed data analysis
• Capability to perform deep-dive incident analysis by correlating data from various sources
  
  

Problem Solving

• Strong analytical and problem-solving skills to effectively address security breaches.
• Ability to work under pressure in the face of active security incident
  
  

Threat Hunting

• Skilled in proactively searching through networks to detect and isolate advanced threats that evade existing security solutions
• Knowledge of the latest cyber threats, attack techniques, and mitigation methods
  
  

Incident Response and Management

• Ability to lead incident response activities and manage end-to-end incident lifecycle
• Experience in preparing detailed incident reports and briefings for both technical and non-technical audiences
  
  

Forensic Analysis

• Skills in digital forensics for investigating network, endpoint, and memory across a variety of platforms
• Understanding of legal considerations and compliance requirements related to cybersecurity investigations
  
  

Scripting/Automation

• Proficiency in scripting languages such as Python, Bash, or PowerShell to automate repetitive tasks and parse large datasets
• Development of custom tools and scripts to aid in incident response and daily operations
  
  

Comms. And leadership

• Strong leadership skills to guide and mentor junior analysts
• Excellent communication and stakeholder management skills