Security Analyst
Purpose and Scope
We are seeking a detail-oriented and analytical Security Analyst to join our cybersecurity team. The ideal candidate will monitor our IT/OT infrastructure for security threats, respond to incidents, and support the implementation of security measures to protect organizational assets and data.
Key Roles And Responsibilities
- Monitor networks, systems, and applications for security breaches and investigate violations.
- Conduct security assessments and vulnerability scans using tools such as Nessus, Qualys, etc.
- Analyse security incidents and provide reports with root cause analysis and remediation steps.
- Maintain and update security tools like SIEM (e.g., Splunk, IBM QRadar, Google SecOps or Sentinel).
- Support onboarding of new data sources into SIEM and publish reports on non-compliance.
- Configure, fine-tune, and optimize rule sets, alerts, dashboards, and reports.
- Perform tool upgrades, patching, health checks, and troubleshooting.
- Investigate email security threats.
- Work with vendors and internal IT to troubleshoot and resolve tool-related issues.
- Work with IT and DevOps teams to ensure secure system configurations and patch management.
- Support compliance efforts (e.g., ISO 27001, NIST).
- Monitor security awareness training for employees and ensure 100% compliance.
- Maintain security tool documentation, configurations, playbooks, and standard operating procedures (SOPs).
- Support audits and compliance efforts by providing tool logs, configurations, and evidence as needed.
- Stay up to date with the latest cybersecurity trends, threats, and technology solutions.
Qualification, Skills And Experience
Education & Experience:
- Bachelor's degree in Computer Science, Information Security, or a related field.
- 35 years of experience in a cybersecurity or IT security role.
Technical Skills:
- Familiarity with firewalls, IDS/IPS, EDR, Privileged Access Management (PAM) and vulnerability scanners.
- Experience with SIEM tools and log analysis.
- Knowledge of networking protocols and operating systems (Windows, Linux).
- Understanding of frameworks such as ISO 27001, NIST, CIS Controls, MITRE ATT&CK.