Cyber Security Analyst

• Job Overview:
o The Cyber Security Analyst is responsible for safeguarding the organization’s digital assets by identifying and mitigating potential security risks, monitoring network activity for unusual behavior, and responding to incidents. This role requires a strong understanding of security best practices, hands-on experience with various security tools, and the ability to respond quickly and effectively to emerging threats. A key focus of this role is on the effective management and optimization of the Security Information and Event Management (SIEM) system, ensuring it provides actionable intelligence for rapid threat response. This role will require strong analytical skills, good collaboration skills, detailed working knowledge of current and emerging security technologies, and the ability to correlate events to identify abnormal behavior.
• Duties and responsibilities:
o Responsible to ensure accurate and rapid response to security events.
o Analyze security logs, SIEM alerts, and incident reports to identify and mitigate risks.
o Respond to and investigate security incidents, including breaches, malware outbreaks, and phishing attacks. Monitor networks and systems for security breaches, alerts, and anomalous activity.
o Conduct root-cause analysis to prevent future incidents and develop incident response procedures.
o Provide analysis and trending of security log data from various security devices
o Configure and maintain SIEM tools to align with the organization’s security objectives and threat landscape.
o Create custom SIEM dashboards and reports for different stakeholders to visualize critical security metrics and incident data.
o Develop and optimize SIEM content, including rules, alerts, and correlation logic, to improve threat detection and response.
o Regularly review and tune SIEM rules to reduce false positives, enhance event correlation, and maintain relevance to evolving threats.
o Document and update SIEM processes and configurations, ensuring a high level of data accuracy and availability.
o Perform regular vulnerability scans and assist in patch management processes. Work with IT teams to prioritize and remediate them.
o Recommend solutions to mitigate risks in any activity that may potentially impact security of existing IT and information management
o Ensure compliance with industry regulations (e.g. GDPR, ISO 27001) and company policies.
o Assist in the development, implementation, and maintenance of security policies, standards, and guidelines.
o Assist in training staff on security best practices, including phishing awareness and data protection.
o Help develop educational materials and conduct periodic security awareness training
o Advise and consult internal/ external customers on risk assessment, threat modelling and vulnerability management.
o Perform risk assessments and recommend security measures to mitigate potential risks.
o Document risks, vulnerabilities, and remediation strategies in a detailed risk management report.
o Maintain up-to-date knowledge of the IT security industry, including awareness of new or revised security solutions, improved security processes and development of new attacks and threat vectors.
o Manage and optimize security tools, such as firewalls, antivirus software, and intrusion detection/prevention systems (IDPS).
o Perform 1st level troubleshooting on servers and network issues with regards to log collection/ security tools.
o Generate reports on security metrics, incidents, and remediation efforts for management.
o Maintain accurate documentation of incidents, security changes, and system configurations.
o Any other ad-hoc duties as required or assigned.