- Incident Documentation: Review security incidents and vulnerabilities, documenting all findings clearly and accurately. Ensure that findings are categorized, prioritized, and assigned appropriate severity levels.
- Security Reporting: Prepare detailed reports on security issues, including root cause analysis, impact assessments, and recommended remediation actions. Reports should be tailored to different stakeholders, from technical teams to executive leadership.
- Tracking and Follow-up: Maintain a clear and organized system for tracking open findings, vulnerabilities, and remediation efforts. Follow up regularly to ensure issues are being addressed in a timely manner.
- Collaboration with Teams: Work closely with Security Operations, Threat Intelligence, and IT teams to gather relevant data, understand technical details, and ensure comprehensive documentation of findings.
- Continuous Improvement: Assist in refining documentation processes, templates, and reporting standards to improve efficiency and clarity.
- Knowledge Sharing: Contribute to the development of the internal security knowledge base, documenting lessons learned, common vulnerabilities, and best practices for future reference.
- Compliance Support: Ensure that all documentation complies with internal policies and external regulatory requirements (e.g., GDPR, HIPAA, PCI DSS).
- Security Tools Utilization: Use security tools and platforms (such as SIEM, ticketing systems, vulnerability management tools) to document and track findings.
Required Skills and Qualifications:
- Education: Bachelor's degree in Cybersecurity, Information Technology, Computer Science, or a related field (or equivalent work experience).
- Experience: 2+ years of experience in cybersecurity, with a focus on incident documentation, analysis, or reporting.
- Technical Knowledge: Familiarity with common security threats, vulnerabilities, and security frameworks (e.g., OWASP, NIST).
- Strong Writing Skills: Exceptional written communication skills with the ability to document complex technical issues clearly for both technical and non-technical audiences.
- Attention to Detail: Ability to review and document security findings meticulously, ensuring accuracy and clarity.
- Familiarity with Security Tools: Experience with security tools like SIEM (Security Information and Event Management), vulnerability scanners, ticketing systems (Jira, ServiceNow, etc.), and similar platforms.
- Analytical Thinking: Ability to analyze complex security incidents and break them down into understandable documentation, identifying root causes and trends.
- Problem-Solving: Proactive in identifying gaps in documentation processes and recommending solutions to enhance clarity, consistency, and effectiveness.
Desired Skills:
- Certifications: Certifications such as CompTIA Security+, Certified Information Systems Security Professional (CISSP), Certified Ethical Hacker (CEH), or similar are a plus.
- Knowledge of Regulatory Standards: Familiarity with industry regulations and compliance standards such as GDPR, HIPAA, PCI DSS, and ISO/IEC 27001.
- Security Operations Knowledge: Exposure to Security Operations Center (SOC) environments or incident response teams.
- Experience with Threat Intelligence: Understanding of threat intelligence concepts and how to document emerging threats and vulnerabilities.