Cyber Defence Analyst

Job Description- Cyber Defense Analyst

We are looking for the next superstar Cyber Security Analyst to join our managed services team.

You'll be part of a team responsible for the delivery of 24x7 security monitoring and analysis, with a primary focus on incident response and threat hunting. This is a customer-facing role and top-notch communication skills are absolutely essential.

The  Role

• Monitor, triage and respond to reported security incidents.
• Proactively hunt and manage unreported (aka. silent) phishing attacks (Intrusion Detection)
• Gather information, run correlation analysis and forensics to inform risk assessment
• Actively and timely communicate information about incidents or potential incidents to the wider team as per escalation policies
• Write post-incident reports
• Where required, develop security frameworks, contribute to run books, and lead the implementation of new security tools
• Work across multiple domains and technology stacks to identify vulnerabilities

Ideal  Personality

• Passion for cybersecurity
• Perseverance and tenacity
• Strong willingness to learn
• Logical problem-solver with a strongly analytical bent of mind
• Detail-oriented
• Ability to maintain a cool head and take decisive action in time-critical situations
• Natural team player. Good at building and maintaining relationships across the team, as well as getting others on board
• Understands the importance of proactive and clear communication in a large, busy environment

Skills

• Very strong communication skills, report-writing and verbal communication. You must be excellent at explaining what's happening to other people in a clear and timely manner.
• Ability to identify, classify and breakdown the taxonomy of various types of phishing attacks.
• Good understanding of networks, applications, databases, systems, Active Directory, Cloud platforms and how they work together.
• PowerShell or Python scripting knowledge.
• Demonstrable expertise in any 4 of the following: Incident Management & Response, Threat Hunting with EDR & SIEM, IPS/IDS, Endpoint Monitoring & Detection, and Forensics
• Good understanding of Information Security Standards and Frameworks like NIST, GDPR, ISO27001, CIS Benchmarks
• Knowledge of information security tools and techniques and current industry best practices

Qualifications  &  Experience:

• 2-3 years of real-world experience dealing with wide-ranging Incident Response with a strong understanding of phishing incidents and their mitigation steps.
• 2-3 years of real-world experience working with SEGs or general email systems
• 2-3 years of real-work experience working with the SIEM solutions.
• 2-3 years of real-world experience working with EDR solutions.
• 2-3 years of experience with Threat Assessment and Mitigation methods, Vulnerability Analysis, risk mitigation, information gathering and reporting
• 2-3 years of experience working in enterprise security operations
• Security qualifications i.e. a relevant security-related certification or degree