We are seeking a skilled and motivated Cyber Security Analyst to join our dynamic security team. You’ll play a critical role in protecting enterprise systems by monitoring, analysing, and responding to real-time cyber threats.
Security Monitoring & Incident Response:
- Monitor and triage security alerts from SIEM, EDR, and other security tools to identify potential threats.
- Conduct initial investigations and escalate incidents according to severity and defined escalation paths.
- Participate in incident response activities, including containment, eradication, and recovery phases.
- Collaborate with Cyber Engineering and IT teams to remediate vulnerabilities and security issues.
- Perform root cause analysis on security incidents and recommend preventive measures.
Threat Hunting & Analysis:
- Proactively hunt for emerging threats within the network and endpoint environments using SIEM queries, EDR tools, and threat intelligence feeds.
- Analyse attacker TTPs (Tactics, Techniques, and Procedures) using frameworks such as MITRE ATT&CK.
- Develop and tune detection rules, alerts, and analytics content to improve detection capabilities.
- Assist in integrating and correlating threat intelligence into monitoring tools.
Reporting & Documentation:
- Generate detailed incident reports, post-incident reviews, and metrics for management and stakeholders.
- Maintain accurate logs, playbooks, and runbooks to ensure repeatable and efficient incident handling processes.
- Provide regular updates on security posture, incident trends, and threat landscape to the Cyber Security team.
Collaboration & Continuous Improvement:
- Work closely with Cyber Security Engineering Services to test and validate new security tools and controls.
- Engage with external vendors for threat intelligence and security tool support.
- Contribute to security awareness initiatives by sharing trends and lessons learned.
- Support compliance with internal policies and external regulatory requirements, including PoPIA.
Requirements:
- Diploma or Degree in Computer Science, Cybersecurity, Information Technology, or related field.
- Minimum 2 to 4 years of experience in cybersecurity monitoring, incident detection, and response.
- Certifications such as CompTIA Security+, Certified SOC Analyst (CSA), or Microsoft Security certifications are highly desirable.
- Hands-on experience with SIEM platforms (e.g., Microsoft Sentinel, CrowdStrike Falcon, Darktrace).
- Practical knowledge of endpoint security tools (EDR), vulnerability scanners, and network monitoring.
- Strong understanding of TCP/IP, networking protocols, and cybersecurity fundamentals.
- Familiarity with cloud security principles, especially Microsoft Azure Security technologies.
- Experience with incident response frameworks and threat hunting methodologies.
- Ability to analyse logs, alerts, and network traffic effectively.
- Excellent communication skills and the ability to write clear incident reports.
Desired Skills:
- SIEM Platforms
- CompTIA Security+
- Microsoft Sentinel
Desired Qualification Level:
- Degree
About The Employer: