Security Analyst
Us
IPSec are Cyber Security experts who focus on delivering security services to the private and public sectors through managed security, penetration testing, projects/consulting and GRC.
The IPSec SOC team, where this position resides, specialises in and delivers multiple managed service offerings to our clients, including Managed Firewalls, Managed EDR, Managed SIEM and Managed Vulnerability Management.
The Position
IPSec Security Analysts are responsible for monitoring, investigating, responding, threat hunting and reporting across client networks. A Security Analyst's main role is to look at trends or outlying data in network activity and then investigate the cause and legitimacy of that activity. This information can then be used to create and tune detection rules, making the SIEM or EDR platform more efficient and effective.
Security Analysts are also required to build and update playbooks for IPSec customers for utilisation when the customer is a victim of a Cyber Security incident. This requires Security Analysts to work closely with IPSec clients, understanding Service Level Agreements, providing usable incident reports and undertaking troubleshooting across client networks to identify the root cause of underlying problems.
Knowledge
- Excellent knowledge of SIEM (LogRhythm, Splunk, MS Sentinel or any major vendor)
- Excellent knowledge of EDR/XDR (SentinelOne, Crowdstrike, Defender ATP)
- Knowledge of multiple security technologies including firewalls, IDS/IPS, Web/Email Filter etc.
- Excellent knowledge of Windows/Unix environments.
- Understanding of key log sources for SIEM.
- Strong knowledge of current security threats, techniques, and landscape, and a dedicated and self-driven desire to research and learn more about the information security landscape.
- Knowledge of the MITRE ATT&CK framework and the tactics, techniques and procedures employed by Advanced Persistent Threats.
Personal Skills
- Ability to manage competing priorities, deliver successful outcomes and work in a fast-paced team environment.
- Ability to communicate clearly with clients, via phone, email and written reports.
- Excellent organisation and time management skills.
- Ability to work within an evolving and changing team across different departments of IPSec.
Experience
- 2 or more years of Information Security Experience
- Experience in designing and tuning security use cases
- Good understanding of event correlation and regular expressions/KQL to create detection rules
- Review and triage incidents from SIEM/EDR
Benefits
- Quarterly company functions
- Training and development
- Inclusive environment
- Hybrid working options
This is a full-time position. The successful candidate will also be required to undergo a national police check and residency check. To apply for this position, please click "Apply" and submit a Cover Letter and CV in PDF.