Cyber Security Analyst

Cyber Security Analyst

• Monitor and investigate security events and alerts from various sources, such as logs, network traffic, threat intelligence, and user reports.
• Conduct proactive and reactive threat hunting campaigns to uncover hidden or emerging threats on the cloud environment.
• Perform root cause analysis and incident response to contain and remediate cloud abuse incidents.
• Document and communicate findings, recommendations, and lessons learned to relevant stakeholders and management.
• Develop and update cloud abuse detection rules, indicators, and signatures.
• Research and stay updated on the latest cloud abuse trends, tactics, techniques, and procedures (TTPs) of threat actors.
• Provide guidance and training to other security teams and cloud users on best practices and standards for cloud security.
• Manage multiple client environment cyber security infrastructure and applications.
• Knowledge of ServiceNow, Zoho desk, Jira/Confluence, etc.
• Perform vulnerability risk reviews using Qualys, Rapid7 and/or Tenable.
• Responsible for managing and improving the defined patch management & configuration review process and activities.
• Proactively manage applications, infrastructure security & network risks; ensuring security infrastructure aligns with companys compliance requirements.

Skills & Experience:

• 4 years + years of experience in a security analyst role, preferably in a SOC environment.
• Good knowledge on security analyst, engineering, and project management experience
• Experience in client management for security projects.
• Knowledge and hands-on experience with SIEM technologies such as Microsoft Sentinel, Rapid7 Insight IDR, Wazuh, etc.
• Create play books and automation on Microsoft sentinel is desirable.
• Strong experience in Virtualisation, Cloud (Azure, AWS, other service providers) design, configuration, and management.
• Ability to manage priorities, perform multiple tasks and work under dynamic environment and tight deadlines.
• Ability to perform vulnerability assessments, penetration testing using manual testing techniques, scripts, commercial and open-source tools.
• Experience and ability to perform Phishing campaign and/or similar social engineering exercise.
• Subject matter expert in one or multiple areas as Windows, Unix, Linux OS.
• Vendor or Security specific certifications is preferred.
• Demonstrated analytical, conceptual and problem-solving skills.
• Ability to work effectively with limited supervision on multiple concurrent operational activities.
• Ability to communicate effectively via email, report, procedures in a professional and succinct manner.
  

Preferred