Role Summary
The Cyber Security Analyst is responsible for security monitoring and incident investigation within the Security Operations Center (SOC). This role provides technical expertise in threat detection, incident handling, and use case optimization.
The Analyst plays a critical role in ensuring timely detection, analysis, and containment of cyber threats.
Key Responsibilities
Security Monitoring & Incident Response
Perform the investigation and response to complex and high-severity security incidents across network, endpoint, cloud, and application environments
Perform deep-dive analysis of alerts, logs, and telemetry to determine root cause, impact, and remediation actions
Coordinate incident response activities across internal teams and external stakeholders when required, including escalation to management
Ensure incidents are handled in accordance with defined SLAs, playbooks, and regulatory requirements
Threat Detection & Use Case Management
Tune and optimize SIEM detection rules to reduce false positives and improve detection efficacy
Continuous Improvement & SOC Maturity
Contribute to the development and refinement of SOC processes, runbooks, and playbooks
Identify opportunities to improve SOC efficiency through automation, SOAR, and AI-driven capabilities
Leadership & Mentorship
Provide guidance and mentoring to junior analysts
Act as an escalation point for complex investigations and technical challenges
Support knowledge sharing, training, and continuous skills development within the SOC team
Required Skills & Experience
Technical Skills
Strong hands-on experience with SIEM platforms such as Splunk, Elasticsearch, Microsoft Sentinel, or Google SecOps
Solid understanding of network, endpoint, identity, and cloud security concepts
Experience analyzing logs from firewalls, EDR, IDS/IPS, cloud platforms, and operating systems
Familiarity with incident response methodologies and digital forensics fundamentals
Experience
3-5 years of experience in cyber security operations, SOC, or incident response roles
Proven experience handling medium to high severity security incidents independently
Experience working in regulated environments (e.g. financial services, government, healthcare) is an advantage
Soft Skills
Strong analytical and problem-solving skills
Calm and structured approach when handling incidents under pressure
Strong sense of ownership, accountability, and attention to detail
Preferred / Nice-to-Have
Experience with SOAR platforms and security automation
Cloud security experience (AWS, Azure, GCP)
Scripting or query skills (e.g. SPL, KQL, SQL, Python)
Experience in SOC transformation or SIEM migration projects
Certifications (Preferred)
GCIA, GCIH, GCED
Elastic, Google SecOps, Microsoft Sentinel, or vendor-specific SIEM certifications
Important Notes:
The role operates on a 24/7 basis with 12-hour shifts, with the standard shift timing from 8:00 AM to 8:00 PM. Shift work is required, including night shifts when scheduled.
Top 3 MUST have skillset
Hands-on security monitoring experience with SIEM platforms, preferably Elastic Stack (ELK)
Experience analyzing logs from firewalls, EDR, IDS/IPS, cloud platforms, and operating systems
Understanding of network, endpoint, identity, and cloud security concepts
Job ID: 144116129