Security Analyst

Key Accountabilities:

• Develop an action plan to achieve SOC goals
• Develop and design ad-hoc reports templates for SOC incidents/activates
• Participate in R&D of SOC monitoring tools
• Participate in planning of new features in SOC dashboard
• Respond proactively to all incident / call opened in ticketing system
• Liaise with various business units and departments
• Support the rest of the teams within Team on the daily operational task whenever there is requirement
• Working side by side with SOC vendors and maintain professional conduct
• Provides input regarding improvements in detecting incidents.
• Interact and coordinate with Business units and build visibility on the security activities in relation to the area of work.
• Monitor the networks to ensure all attacks are identified proactively & reactively.
• Respond and take remedial action against identified threats in order to control damage.
• Assess and identify on the current monitoring capability & gaps to make sure the threat is remediated.
• Handle, response and escalate a security incident in a 24x7 environment through ticketing system.
• Develop and help implement processes for detecting, identifying and analyzing security related events in coordination with the security entities.
• Communicate and develop interaction with other security operations focused bodies.
• Report on incident causes and related weaknesses and recommend remedies.
• Strong understanding of incident response procedures
• Understanding of key technologies in security operations such as Vulnerability management, DDoS Concepts, AV fine tuning, SIEM, Networking, Intrusion prevention etc.

Qualifications:

• Minimum bachelor’s degree in information security or computer networks.
• CEH,CISM, CISSP, OSCP and/or relevant product-based qualification.

Experience:

• Minimum 8 years of experience in an operation security role, with at least 2-year experience as Senior incident analyst in MSSP.
• Triage and manage escalated security incidents end-to-end
• Perform in-depth analysis, threat hunting, and coordinate response actions
• Mentor Level 1 Analysts and support knowledge sharing
• Enhance SOC processes, content, and automation playbooks
• Ensure policy compliance and stay current on threats and vulnerabilities
• Expertise in firewalls (Palo Alto, Fortinet), IDS/IPS, VPNs, WAF, DDoS mitigation, and network protocols
• Proficient with SIEM (Splunk, QRadar, Sentinel), EDR (CrowdStrike, SentinelOne), vulnerability scanners (Nessus, Qualys), and cloud security (AWS, Azure, GCP)

Skills

• Able to take personal responsibility for all issues concerning the secure operations of the networks.
• Analyze information accurately.
• Display sound judgment.
• Solve problems.
• Influence decision makers.