Analyst Cybersecurity Operations

1. Investigate escalated incidents to determine the validity and severity of potential security events. 
2. Identify root causes of incidents and provide recommendations for immediate containment and mitigation.
3. Escalate serious or high-impact incidents to the Incident Responder with detailed documentation and analysis findings in a timely manner.
4. Own and manage assigned incidents, ensuring all incidents are properly documented in the case management system and resolved within the defined SLA timeframes. 
5. Recommend tuning or updates to detection mechanisms, correlation use cases and threat intelligence integration based on observed attack patterns and emerging threats.
6. Work closely and mentor Level 1 Security Analyst, providing guidance and support on escalated cases. 
7. Follow established processes and playbooks for incident investigation, escalation, and documentation.

Minimum qualifications:

• Bachelors in any technical group or Information security.

Minimum experience: 

• Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or related fields (or equivalent experience) is preferred. 
• 1-2 years of experience in cybersecurity monitoring, incident response, or a related field. 
• Hands-on experience with SIEM platforms (e.g., Splunk, QRadar, Sentinel, EDR tools, monitoring tools, log analysis and network protocols. 
• Experience with case management systems and structured investigation methodologies. 
• Familiarity with common attack tactics, techniques, and procedures (TTPs) and frameworks such as MITRE ATT&CK. 
• Ability to work independently on complex investigations while collaborating effectively within the CDIC 
• Strong verbal and written communication skills to document findings and communicate with stakeholders.