Job Description
Duties & Responsibilities
Client Details:
Our client is a reputable provider offering cyber security consulting, technology integration, and managed security services. As a member of their inclusive and diverse team, you will have the freedom to work with innovation and flexibility. The collaborative environment allows you to learn from experienced colleagues and continuously develop your professional skills. Our client’s ongoing growth reflects their commitment to delivering high-quality cyber security, productivity, and mobility solutions to various industries and businesses of all sizes.
Role Responsibilities:
Monitor client environments and security systems for alerts and incidents, responding according to contractual terms and Service Description processes.
Support multiple customer environments to enhance satisfaction and improve operational performance.
Collaborate with stakeholders to investigate security events, raise incidents, and provide containment, remediation, or recommendations.
Serve as an escalation point for incidents and investigations.
Understand client environments, build relationships with stakeholders, and facilitate effective communication.
Apply and develop use-cases and playbooks for efficiency and improvements.
Implement automation, notification, response, and remediation processes.
Lead threat hunting investigations with new feeds and sources.
Contribute to security dashboards, reporting, and processes.
Stay updated on the evolving cyber security landscape and educate the team.
Support ongoing maintenance of the company’s Information Security Management System (ISMS).
Relevant Qualifications / Experience:
Hold a relevant tertiary qualification in Cyber Security/Information Security or similar.
Hold certifications from recognized cybersecurity entities such as Microsoft, CompTIA, SANS, CREST, ISC2, or others.
Possess 1-3 years of relevant experience and a passion for security challenges.
Have a minimum of 3 years of experience as a Cyber Security Analyst or equivalent.
Demonstrate excellent communication, interpersonal, and leadership skills.
Exhibit strong time management, problem-solving abilities, and the capability to handle diverse workloads.
Have worked in a SOC environment with tools such as SIEM, SOAR, and EDR.
Possess comprehensive knowledge of common malware types and detection/prevention methods.
Be familiar with Microsoft Sentinel and the Microsoft Security stack.
Understand Cloud computing/architecture and security principles.
Demonstrate awareness and understanding of the MITRE ATT&CK framework and the Cyber Kill Chain.
Interact comfortably with personnel across multiple organisations and build strong relationships at all levels.
Have additional experience working for a Managed Security Service Provider (MSSP).
Be proficient with various SIEM technologies (Splunk, LogRhythm, ELK, QRadar, ArcSight, MS Sentinel, etc.).
Have experience in Threat Hunting and the development of playbooks for applied automation.
Be familiar with the Kusto Query Language (KQL).