Job title: Senior Security Analyst
Job type: Full time
Job Level: Senior Team Member
Experience: 3-5
Functions: Cyber Security, Network & Information Security
Languages: English, Arabic
Key Accountabilities:
- Lead complex incident investigations: perform in-depth analysis, triage, containment, eradication, and recovery for escalated security events.
- Develop and tune detections: create, refine, and test SIEM rules, analytics, and correlation logic to improve detection accuracy and reduce false positives.
- Conduct proactive threat hunting: search for hidden or emerging threats across logs, endpoints, and network telemetry using threat intelligence and hypotheses.
- Perform forensic triage and evidence collection: gather, preserve, and analyze artifacts from hosts, network devices, and logs to support investigations and potential legal action.
- Coordinate remediation and change actions: work with IT, application owners, and vendors to validate vulnerabilities, implement fixes, and verify effectiveness of mitigations.
- Escalation point and mentorship: serve as technical escalation for Tier 1 analysts, provide guidance, training, and knowledge transfer to improve SOC capabilities.
- Reporting, documentation, and continuous improvement: produce incident reports and post incident.
Skills: Problem Solving, Communication Skills, Cyber Security
- Certifications: OSCP, PNPT, CRTP, GCIH
- Availability: able to support shift work and on-call rotations as required by the SOC.
- Communication and documentation: clear written and verbal communication skills for incident reporting, playbooks, and stakeholder updates.
- Scripting/automation: ability to write/maintain scripts (Python, PowerShell, Bash) to automate investigations and enrich alerts.
- Fundamentals: strong grasp of OS internals (Windows, Linux), networking protocols (TCP/IP, DNS, HTTP, SMTP), and log analysis.
- Incident handling: solid understanding of incident response lifecycle (identification, containment, eradication, recovery) and evidence preservation.
- Endpoint and network security: practical knowledge of EDR/XDR solutions (e.g., CrowdStrike, Carbon Black), firewalls, IDS/IPS, and network telemetry.
- Technical skills: proven experience using a SIEM (e.g., Splunk, QRadar, Sentinel) for detection, triage, and alert investigation.
- Experience: 3+ years of hands-on experience in a SOC, incident response, or security role.
- Bachelor's degree in Computer Science, Information Security, or Cybersecurity.