Senior Cyber Security Analyst

Essential duties:

This role will report into the Security Operations Centre Team Leader and will deliver the following as part of team responsibilities: 

Monitor and Respond: Oversee and address security, alerts, and incidents using Microsoft Sentinel on a rotating 24/7 shift roster. 

Incident Escalation: Identify and escalate confirmed security threats to customers. 

Service Delivery: Ensure services meet established service level agreements (SLAs) and quality standards. 

Continuous Improvement: Contribute to the Security Operations Centre (SOC) continuous improvement initiatives. 

Effective Communication: Maintain clear and effective communication with customers, team members, and management. 

Cybersecurity Advice: Provide expert cybersecurity advice to clients. 

Vulnerability & Ticket Management: Support daily operations by managing vulnerabilities and handling tickets as needed using Tenable and Microsoft solutions. 

Operational Oversight: Provide monthly reports covering cybersecurity incidents, advisories, and vulnerability management. 

ITIL Practices: Adhere to ITIL guidelines for service requests, incidents, problems, and change management. 

Incident Response: Participate in incident response activities as part of the client’s Cyber Security Incident Response Team (CSIRT). 

Tabletop Exercises: Conduct tabletop exercises to prepare for potential security incidents. 

Audit Assistance: Assist clients in responding to internal and external audit assessments. 

Customer Support: Address customer inquiries and manage escalations effectively. 

Qualifications:

Individuals with 3+ years of experience in a security operations centre, including but not limited to: 

• Advanced Network Security: In-depth understanding of network protocols, architecture, and security measures. Experience with analyzing traffic from firewalls, VPNs, IDS/IPS, and other network security tools. 
• Incident Response and Management: Proficiency in leading and managing the entire incident response lifecycle, including detection, analysis, containment, eradication, and recovery. Experience with incident response frameworks like NIST and SANS. 
• Threat Intelligence and Hunting: Advanced skills in threat intelligence gathering, analysis, and application. Ability to conduct proactive threat hunting to identify and mitigate potential threats before they cause harm. 
• Log Analysis and SIEM: Expertise in analyzing logs from various sources and using SIEM tools to detect and investigate complex security incidents. Ability to create and fine-tune SIEM rules and alerts. 
• Vulnerability Management and Penetration Testing: Strong knowledge of vulnerability assessment tools and techniques. Experience in conducting and managing penetration tests to identify and address security weaknesses. 
• Escalations: Experience with managing escalations from L1 and L2 analysts 

If this sounds like you, we’d love you to apply!  

We believe in the power of an inclusive and diverse workforce. We trust you will bring your authentic self to work, and we will focus on making sure that together, we make a strong contribution to the broader community in which we operate. Where possible, flexible working arrangements are the norm, as we know a better work-life balance can improve your motivation, performance, and productivity.

As an equal-opportunity employer, all applicants will be considered. Benefits/perks may vary depending on the nature of your employment with Canon Group and the country where you work. All applicants must be eligible to work in the country they are applying to at the time of application.