Our client is looking for a Senior Cyber Security Analyst who will play a vital role in safeguarding, monitoring, analysing, and responding to security threats. The analyst will be responsible for prioritising and triaging security incidents based on their potential business impact, determining the appropriate response approach, and assigning severity levels. This position also involves ongoing assessment of incident classification and making decisions on whether to close or escalate incidents to the Head of Cyber Security Operations.
Key Responsibilities: Incident Management: Review, prioritise, and triage security incidents, assigning severity levels and determining appropriate responses.Technical Analysis and Reporting: Conduct thorough root cause analysis and post-incident reviews, producing comprehensive technical reports on security incidents.Threat Detection and Incident Response: Utilise Incident Response, Cyber Kill Chain, ATT&CK framework, and expertise in identifying attack vectors to manage threats.Network and Endpoint Analysis: Analyse network traffic using deep packet inspection and examine logs from endpoints, networks, and applications.Tool and Technology Expertise: Leverage experience with firewalls, web and email security, endpoint security, and SIEM to strengthen the organisation's security posture.Collaboration and Escalation: Partner with the Head of Cyber Security Operations to escalate high-priority incidents and enable swift, effective response.Requirements: Experience: 5 to 7 years of relevant experience in cybersecurity analysis and incident management.Technical Skills:Advanced knowledge of cloud security practices for AWS and Azure.Strong understanding of networking concepts and protocols.Proficiency in using firewalls, web/email security, endpoint security, and SIEM.Hands-on experience with root cause analysis, network traffic analysis, and deep packet inspection tools.Proficiency in Python for security scripting and automation.Frameworks and Methodologies: Solid understanding of Incident Response, Cyber Kill Chain, ATT&CK framework, and attack vectors.Communication: Exceptional technical writing skills for creating detailed reports.Decision-Making: Proven ability to assess and prioritize incidents to minimise business impact.Preferred Qualifications: Relevant cybersecurity certifications (e.g., CISSP, CISM, AWS Certified Security Specialty).Experience working in a SOC (Security Operations Center) environment.Knowledge of security frameworks such as NIST, ISO 27001, and CIS.
#J-18808-Ljbffr