The Security Analyst is responsible for incident detection, analysis, investigation, and response. It is the Managed Security Operations Centre's primary responsibility to ensure that security events and incidents are detected and escalated in a timely manner and within SLA.
A day in the life:
- Monitor, analyse, mitigate and triage security events.
- Follow documented procedures for recording, assessing, analysing, communicating, rectifying, escalating and reporting security incidents.
- Effectively respond to all security incidents however they are communicated, including telephone calls, trouble tickets, emails received in group email mailboxes, or by any other means.
- Produce daily, weekly, and monthly reports on security activity and workload metrics, to include tickets opened, event workload, and open or pending items.
- Perform analysis on Customer Systems assets and document the results.
Your background, skills and experience:
- Ability to perform analysis of data from multiple different sources and identify true positive indicators of compromise.
- Ability to operate within a Security Information and Event Management (SIEM) platform to triage events and correlate events of interest.
- Experience in Service Desk Operations.
- Experience in working in an IT operations or security operations role (2 years).
- Understanding of SIEM technologies.
Apply now with your CV in WORD format