As a member of the Managed Security Services team, an Associate Cyber Security Analyst will be focused on working with the team to perform ongoing operations, administration and development of security systems. You will continuously work towards high confidence and high-fidelity detection rules leveraging anomalous or suspicious events in collaboration with other SOC team members, including SOC Engineers and Operations.
Your main responsibilities will include but are not limited to:
- Investigate malicious phishing e-mails, domains and IP’s using open source and sector intelligence
- Recognise potential, successful, and unsuccessful intrusion attempts and compromises through correlation analysis of relevant event detail and summary information
- Conduct proactive monitoring, investigation, and escalation of security incidents
- Provide implementation services for customer and internal security projects, including all facets of customer liaison, and problem resolution to ensure successful completion
- Provide operational support and project support with clients, taking the initiative to drive improvement and deliver successful outcomes for customers
- Provide mentoring and operational guidance to less experienced team members
We are looking for a well-organised professional, with initiative and enthusiasm. You will have at least 3 years of relevant experience and will have a good mix of the following skills, knowledge & experience:
- Experience with Microsoft security platforms including Sentinel, Defender
- Experience working with Linux and/or Unix based systems
- Experience with vulnerability management technologies such as Tenable, Qualys, etc.
- Experience of working/supporting large scale IT Security Operations practices
- Solid understanding of the MITRE ATT&CK Framework add cyber kill-chain
- Knowledge of security principles and techniques and understanding of IT security related technologies (e.g., Endpoint Detection and Response, data encryption, PKI, DLP/IDS, etc.)
- Knowledge of standards and frameworks including, NIST, and ISO/IEC 27000 series
- Ability to achieve security clearances
- Ability to document and explain technical details clearly and concisely to both technical and non-technical audiences
- Familiar with the cloud computing, networking, firewall, and ITSM concepts
Note: The role will be subject to state and federal police background checks.