
Role Summary
The Cyber Security Analyst is responsible for security monitoring and incident investigation within the Security Operations Center (SOC).
This role provides technical expertise in threat detection, incident handling, and use case optimization. The Analyst plays a critical role in ensuring timely detection, analysis, and containment of cyber threats.
Key Responsibilities
Security Monitoring & Incident Response
. Investigate and respond to complex and high-severity security incidents across network, endpoint, cloud, and application environments
. Perform deep-dive analysis of alerts, logs, and telemetry to determine root cause, impact, and remediation actions
. Coordinate incident response activities across internal teams and external stakeholders, including escalation to management when required
. Ensure incidents are handled in accordance with defined SLAs, playbooks, and regulatory requirements
Threat Detection & Use Case Management
. Tune and optimize SIEM detection rules to reduce false positives and improve detection efficacy
Continuous Improvement & SOC Maturity
. Contribute to the development and refinement of SOC processes, runbooks, and playbooks
. Identify opportunities to improve SOC efficiency through automation, SOAR, and AI-driven capabilities
Leadership & Mentorship
. Provide guidance and mentoring to junior analysts
. Act as an escalation point for complex investigations and technical challenges
. Support knowledge sharing, training, and continuous skills development within the SOC team
Required Skills & Experience
Technical Skills
. Strong hands-on experience with SIEM platforms, preferably Elastic Stack (ELK); experience with Splunk, Microsoft Sentinel, or Google SecOps is also considered
. Solid understanding of network, endpoint, identity, and cloud security concepts
. Experience analyzing logs from firewalls, EDR, IDS/IPS, cloud platforms, and operating systems
. Familiarity with incident response methodologies and digital forensics fundamentals
Experience
. 3-5 years of experience in cyber security operations, SOC, or incident response roles
. Proven experience handling medium to high severity security incidents independently
. Experience in regulated environments (financial services, government, or healthcare) is an advantage
Soft Skills
. Strong analytical and problem-solving skills
. Calm and structured approach when handling incidents under pressure
. Strong sense of ownership, accountability, and attention to detail
Preferred / Nice-to-Have
. Experience with SOAR platforms and security automation
. Cloud security experience across AWS, Azure, or GCP
. Scripting or query skills - SPL, KQL, SQL, or Python
. Experience in SOC transformation or SIEM migration projects
Preferred Certifications
. GCIA, GCIH, or GCED (GIAC)
. Elastic, Google SecOps, or Microsoft Sentinel certifications
. Other vendor-specific SIEM certifications
Job ID: 144055211