Senior IT Security Analyst (SOC)

Responsibilities Incident Response Leadership Oversee the entire incident response lifecycle from detection to resolution. ead investigations of IT security incidents and ensure thorough root cause analysis and remediation. Develop and maintain incident response playbooks and procedures. Coordinate with internal, external stakeholders, and vendors during incidents. Conduct post-incident reviews and report findings to management. Monitoring and Detection Develop and implement advanced threat detection and monitoring strategies. Utilize SIEM, EDR, and other security tools for timely incident detection. Perform threat hunting and proactive security assessments. Collaborate with IT teams to deploy and optimize security solutions. Threat Statistics and Reporting Analyze and compile statistics on threats relevant to the Institute. Prepare and present detailed reports on threat statistics to stakeholders. Use data visualization tools to communicate threat trends and insights. Requirements Educational Background A University Degree in Information Systems, Computer Science, Cybersecurity, or a related field. Professional Certification(s) in incident handling and security analysis preferred. GCIH or its equivalent is preferred. Professional Experience Minimum of 8 years of progressive experience in IT security, with a focus on Incident response. Minimum of 4 years of experience in a security operations center, with proven leadership capabilities. Intermediate knowledge of security operations, incident analysis, incident handling, and vulnerability management or testing, system patching, log analysis, intrusion detection, or firewall administration. Proven experience in managing incident response and performing threat hunting. Technical Expertise Proficiency in Security Information and Event Management (SIEM), Endpoint Detection and Response (EDR), traffic and packet analysis, and cloud security. Experience in firewall, Intrusion Prevention Systems (IPS), Web Application Firewalls (WAF) administration, virtualization, and cloud technologies. Experience in monitoring and administering host-based intrusion detection systems. Knowledge and experience in Linux/Windows/Database technologies preferred. Strong knowledge of industry standards and information security policy frameworks. Hands-on experience with scripting and automation tools to enhance security operations. Ability to conduct gap analysis of current processes and identify opportunities for improvement. Evaluate internal and external environments for threats related to Information Security and act as a subject matter expert to ensure these are properly addressed and controlled. Continuously improve event correlation and alerting processes and use cases to detect potential incidents. Automate manual processes to enhance security incident response. Experience with network security assessment tools. Leadership and Communication Excellent leadership and team management skills, with the ability to inspire and motivate a team. Licence no: 12C6060 #J-18808-Ljbffr