Senior Analyst: Security Operations Center

African Bank

Details of the offer

Own the documentation and measurement of all subordinate procedures as well as the continual improvements to them.
Responsible for the execution of the information fusion procedure, where various data inputs are fed to both operations and SIEM management.
Gather information, collate it into an accessible format, and ensure its full dissemination.
Responsible for the subtle event process: long-term analysis and deep-dive investigation into network activity.
Classify identified threat intelligence, including source and fidelity, and the initial search for its presence in the environment.
Bachelor’s degree or equivalent experience in a related field
Security related certifications, for example CISSP, GCIA, GCIH, CEH, or OSCP
CompTIA Advanced Security Practitioner (CASP), CISSP, GIAC Information Security Fundamentals (GISF), GIAC Security Essentials (GSEC), GIAC Certified Enterprise Defender (GCED), GIAC Certified Incident Handler (GCIH), GIAC Certified Intrusion Analyst (GCIA)
Demonstrable experience of working in a SOC team.
5+ years advanced IT security related experience.
Demonstrable experience with an enterprise-grade SIEM platform (e.g. McAfee, LogRhythm, Splunk, AlienVault, ArcSight, QRadar, Elasticsearch).
Experience in Security Event analysis & triage, incident handling and root-cause identification.
Speciality in one or more of the following Information Security domains:
Cyber Intelligence Analysis,
Threat Monitoring,
Incident Response,
Machine Learning & Artificial Intelligence,
Malware Analysis,
Computer Forensics,
Endpoint Protection,
Network Security,
Infrastructure Security,
Application Security,
Platform Security,
Identity & Access Management,
Security Education & Awareness,
Vulnerability Scanning & Management, and
Compliance & Risk Management
Experience with Red and Blue team engagements.
Knowledge and hands-on experience in deployment and management of IDS/IPS, firewalls and other security and network products
Expert analytical and problem-solving skills
Self-driven leader and highly motivated
Ability to work independently and in a team environment
Ability to mentor and train junior SOC analysts on technical and process related areas
Willingness to work flexible hours and support on-call
Experience working with SIEM tools (McAfee ESM) and able to identify tuning recommendations for improved detection and accuracy
Experience performing security analysis and incident response
In-depth experience performing packet captures and analyzing output
Expert level understanding of operating systems and networking (TCP/IP)
Expert level understanding of security threats and vulnerabilities
Expert level understanding of security tools and technologies such as McAfee ESM, Nexpose, FTK, Encase, F5.
Experience of virtualisation technologies, ideally VMware
Minimum of 5 years of experience in the field of cyber security
Prior experience in an operations environment as a security analyst and/or engineer
Ability to write and understand scripts in languages such as Python, Ruby, Bash, etc.
Ability to write and understand complex regular expressions (PCRE).
Event Detection tools (e.g. FireEye, Palo Alto, Fortinet, Cyren, Sophos)
Excellent team-working skills and a "can do, let's get it done" attitude are crucial.
A desire to keep learning, extending your skills and pushing the boundaries of your knowledge.
Ability to work to deadlines
The ability to manage pressure and conflicting demands and prioritise tasks and workload
Ability to work with minimal levels of supervision
Reliability and honesty
Incident management
Ensure SOC event(s) are addressed in a timely manner using available reporting and metrics.
Approve and, if necessary, further investigate level 1-escalated events.
Manage SOC event and information intake to include gathering intelligence reports, monitoring ticket queues, investigating reported incidents, and interacting with other security and network groups as necessary.
Serve as a backup analyst for any potential coverage gaps to ensure business continuity
Center of Excellence
Serve as detection authority for initial incident declaration.
Function as subject-matter experts (SMEs) on incident detection and analysis techniques, providing guidance to junior analysts and making recommendations to operations managers.
Drive and monitor process metrics ensuring applicable reporting is gathered and disseminated per SOC requirements.
Research and Development
Conduct security research and intelligence gathering on emerging threats and exploits.
Monitor SOC analyst performance by investigating incoming events using SOC-available tools.
Mentor SOC analysts to improve detection capability within the SOC.
Advanced reporting as required (daily, weekly, monthly and incident)

Source: Jobs4It
