Security Operations Analyst

Key Responsibilities:

• Monitor security alerts and logs from various sources such as SIEM, IDS/IPS, firewalls, and endpoint protection platforms.
• Analyze and investigate potential security incidents to determine impact and root cause.
• Perform initial triage and escalation of security events according to defined procedures.
• Collaborate with IT and security teams to contain, remediate, and recover from security incidents.
• Conduct vulnerability assessments and support patch management processes.
• Maintain documentation for incidents, investigations, and mitigation actions.
• Develop and implement security monitoring rules and use cases to improve detection capabilities.
• Participate in threat hunting and proactive security assessments.
• Stay up-to-date with emerging threats, vulnerabilities, and security technologies.
• Support compliance and audit requirements by providing necessary security reports and evidence.

Qualifications and Requirements:

• Bachelor's degree in Cybersecurity, Information Technology, Computer Science, or related field.
• 2+ years of experience in security operations, incident response, or cybersecurity monitoring roles.
• Hands-on experience with SIEM tools (e.g., Splunk, QRadar, ArcSight).
• Familiarity with network security technologies (firewalls, IDS/IPS, VPN).
• Knowledge of endpoint security solutions and malware analysis basics.
• Understanding of security frameworks such as NIST, ISO 27001, or CIS Controls.
• Strong analytical, problem-solving, and communication skills.
• Ability to work in a 24x7 shift environment if required.

Desirable Skills:

• Certifications such as CEH, CompTIA Security+, GIAC GSEC, or CISSP (Associate).
• Experience with threat intelligence platforms and automation tools (SOAR).
• Knowledge of scripting languages (Python, PowerShell) for automation and analysis.
• Familiarity with cloud security concepts and tools (AWS, Azure Security Center).
• Experience with vulnerability management tools and processes.