Security Analyst - CERT Team

- - - - - - - - - - - -

KEY EXPECTED ACHIEVEMENTS

1. Security Incident Handling:

• Analyze and confirm the severity of security incidents based on available data.
• Follow documented incident response procedures to resolve threats efficiently.
• Collaborate with technical experts to develop and implement remediation plans.
• Track and monitor corrective actions, ensuring stakeholders are informed and engaged.
• Write detailed incident reports, including "hot" and "cold" feedback, for major incidents.
• Participate in crisis management, including artifact collection, risk analysis, and first-level threat assessments.

2. Projects, Continuous Improvement, and Expertise Sharing:

• Stay updated on the latest incident response techniques through training and daily monitoring.
• Provide technical expertise for projects, including tool evaluations, risk analysis assistance, and technical audits.
• Propose and develop new detection scenarios, automation tools, or enhancements to improve productivity.
• Conduct team knowledge-sharing sessions by presenting in-depth technical topics.
• Contribute to the broader expertise missions within the team based on skillsets.

Experience Requirements:

• 10–12 years of relevant experience in cyber security, with a focus on security incident handling, detection, and analysis.

Qualifications and Skills:

Technical Skills:

• Data Analysis & SIEM Tools:
  • Proficient in SPL (Search Processing Language) for data analysis, threat hunting, and creating dashboards.
  • Strong experience with SIEM tools like Splunk (Preferred), Q Radar or Sentinel.
• Endpoint Protection (EPP) & Endpoint Detection and Response (EDR):
  • Hands-on experience with tools such as:
    • Trend Micro Deep Security
    • Microsoft Defender
    • Palo Alto Cortex
    • Tehtris eGambit
• Network Security & Firewalls:
  • Knowledge of firewalls, IDS/IPS, VPNs, and network devices such as:
    • Cisco
    • Palo Alto Global Protect
  • Proficiency in analyzing firewall logs and interpreting PCAPs using tools like Wireshark.
• Operating Systems & Scripting:
  • In-depth understanding of Windows and Linux log analysis.
  • Knowledge of PowerShell scripting and other system scripting languages.
• Investigative Skills:
  • Ability to autonomously investigate alerts from detection to resolution.

Behavioral Competencies:

• Strong analytical and problem-solving skills.
• Ability to work independently while collaborating with a global team.
• Excellent communication and report-writing skills.
• Passion for continuous learning and knowledge sharing.
• Flexibility to work in a fast-paced environment and support on-call rotations.

Availability

The role operates on a follow-the-sun model, requiring collaboration with the global Group CERT team. Analysts must operate 3-4 days from the office and be available on a rotation basis for Weekend on call support.