Junior Security Analyst
Our client, a global satellite communications firm, are looking to hire a number of Junior Security Analysts.
Key responsibilities of the position:
- Act as a first line security event analyst monitoring the Security Information and Event Management (SIEM) System. Monitor the alarm console; provide initial analysis of logs and network traffic; and make security event determinations on alarm severity, escalation, and response routing.
- Provide first line telephone, e-mail and ticket routing services for security event notifications and incident response processes.
- Deliver first level investigation and remediation activities as a member of the Security Incident Response Team. Participate in Security Incident Response Team (SIRT) events: Conduct research and assessments of security events; provide analysis of firewall, IDS, anti-virus and other network sensor produced events; present findings as input to SIRT.
- Participate in a Compliance/Vulnerability Assessment (VA) Scanning Capability. Follow a documented process for routine scanning of the company's infrastructure and network elements. Develop mitigation and remediation plans as a result of the vulnerability assessment findings.
- Monitor threat and vulnerability news services for any relevant information that may impact installed infrastructure. Analyze reports to understand threat campaign techniques and lateral movements, and extract indicators of compromise (IOCs).
- Create and update security event investigation notes, conduct shift change reports on open cases, and maintain case data in the Incident Response Management platform.
- Document information security operations policies, processes and procedures.
- The post will require rotating 24x7 shift work to include daytime, night time, and weekend work.
Essential Knowledge and Skills:
- A University degree level education or equivalent in Information Security, Forensics, or Computer Science; or at least two (2) years of related experience and/or training in the field of IT security monitoring and analysis, cyber threat analysis, and vulnerability analysis.
- Understanding of performing 1st level analysis and interpretation of information from SOC systems; incident identification/analysis, escalation procedures, and reduction of false-positives.
- A Global Information Assurance Certification (GIAC) Certified Incident Handler (GCIH), GIAC Certified Intrusion Analyst (GCIA), or equivalent certification would be advantageous.
- Intermediate knowledge of Information Security fundamentals, technologies, and design principles.
- Understanding or proven experience in securing Windows, Linux, Oracle and VM platforms.
- Understanding or proven experience of QRadar or similar Security Information and Event Management (SIEM) tools for analysing network and security incidents.
- Experience in Tenable Network Security Nessus, BeyondTrust Retina or similar Vulnerability Assessment (VA) scanner operations for identifying network and platform risks and mis-configurations.
- Willingness to learn new skills and be self-motivated.
- Ability to work in a team environment, to work under pressure and show flexibility.
- Excellent verbal and written communication skills in English.