Job Description
Job Description
Conduct technical analysis and triage of triggered alerts from log sources to determine impact, scope, and corresponding remedial actions to mitigate incidents.
Analyze, triage, and process security threats to identify potential risk gaps and organizational impact by conducting in-depth analysis of threats, attack vectors, or intelligence.
Collaborate closely with the incident response center's threat intelligence team to enhance contextual analysis and provide threat hunting support related to Open Source Intelligence Indicators of Compromise.
Serve as a point of contact for end users and stakeholders, providing cybersecurity incident updates and related activities during incident coordination, remediation, and recovery.
Provide duty analyst support for incident response center operations during weekends, utilizing a predefined duty roster to ensure 24/7 threat monitoring and alert handling following a follow-the-sun model.
Job Requirements
Proficient in Threat Hunting techniques (endpoint and network data analysis).
Strong comprehension of the attack lifecycle, common attack vectors, tools, and techniques.
Ability to utilize existing data to identify anomalies, Indicators of Attack (IOA), and Tactics, Techniques, and Procedures (TTP).
Capable of developing and maintaining detection/prevention use cases.
Proficient understanding of cyber and IT security risks, threats, and prevention measures.
Solid grasp of Threat Intelligence usage in incident response.
Good knowledge of security standards and best practices.
Understanding of various operating systems.
Familiarity with the Cyber Kill Chain and demonstrable analytical skills.
Previous experience in a corporate or enterprise environment, engaging with and responding to diverse internal stakeholders, including senior management.
Experience with SIEM (Splunk ES) and EDR (CrowdStrike).
EA Licence No.:18S9405 / EA Reg. No.:R1330864
Skills & Competencies
Cybersecurity, SIEM, IOA, EDR
