Sekuro is seeking a dedicated and experienced Mid-level Cyber Security Analyst to operate within our global virtual Security Operations Centre (SOC), a 24/7/365 operation. This role involves timely detection of and response to security incidents, as well as conducting exploratory threat hunts, research, and reporting. The ideal candidate is honest, motivated, and driven, with a solid background in threat detection, investigation, threat hunting, and security research. You should be eager to learn, contribute to new processes and playbooks, and thrive in a dynamic, high-pressure environment.
Key Responsibilities
- Review and analyse alerts from SIEM platforms (e.g., Splunk, Logscale, Sentinel, or Elastic) in a timely manner.
- Perform initial assessments and triage of security anomalies, escalating issues appropriately or investigating incidents using available resources.
- Execute cloud incident response procedures, with strong working knowledge of AWS and Azure environments and service logs.
- Conduct proactive, indicator-based, and exploratory threat hunting based on current threat intelligence and hypothesis development.
- Perform incident response tasks to mitigate risks and limit potential damage.
- Review and update detection rules, process documentation, and playbooks.
- Collaborate with other teams to enhance understanding of customer environments and emerging threats.
- Identify deficiencies in monitoring systems and propose improvements.
- Analyse regular intelligence briefs to stay updated on the evolving threat landscape.
- Maintain and update dashboards, reports, and alerting mechanisms to ensure effective monitoring.
- Contribute to continuous service improvements within the SOC.
- Proven experience with SIEM platforms such as Splunk, Logscale, Sentinel, or Elastic.
- Strong cloud incident response skills, specifically within AWS and Azure environments.
- Prior experience in engineering, threat detection, and threat hunting.
- Proficiency in scripting (e.g., Python, PowerShell, or similar languages) to automate tasks and analyse data.
- Minimum of 2 years' experience in a Cyber Security Operations Centre.
- OSCP, PNPT, EJPT, BTL2, CDSA, or SANS GCIH.
- Excellent analytical skills and attention to detail.
- Ability to develop solutions to complex problems under pressure.
- Understanding of best practices in network security, security operations, systems security, policy, and incident response.
- Strong communication skills, both written and verbal.
- Tertiary education in information or cyber security and/or software development is highly desirable.
At Sekuro, you will work with cutting-edge security technologies in a collaborative environment where your expertise directly contributes to safeguarding critical infrastructures. We offer continuous professional development, certification support, and opportunities for career advancement within our growing SOC team.