Job Description
Overview of the role
The Entry-Level Information Security Analyst will play a key role in supporting our Cyber Defence activities and will be responsible for working on various aspects of information security, focusing on SIEM Administration, Security Operations Centre (SOC) events monitoring and investigations and Vulnerabilities assessment. This is an exciting opportunity to join a dynamic SOC team and play a key role in defending our organization against cyber threats.
What you will do
Qradar SIEM Administration
- Administration and maintenance of QRadar appliances, including software updates, patches, and upgrades.
- Monitoring and analyzing security events and incidents detected by QRadar.
- Performing regular health checks, tuning, and optimization of QRadar system components.
- Troubleshooting and resolution of issues related to QRadar functionality and performance.
- Collaboration with IT security teams to develop and refine use cases and threat detection strategies.
- Providing support and assistance to other IT teams and stakeholders on Qradar-related matters.
- Documentation of Qradar configurations, processes, and procedures
Security Operations and Incident Management
- Monitor security alerts and events detected by security monitoring systems, including SIEM, IDS/IPS, endpoint security, and other security tools.
- Investigate and analyze security incidents to determine the root cause, impact, and appropriate response.
- Perform in-depth analysis of security events and incidents to identify indicators of compromise (IOCs), tactics, techniques, and procedures (TTPs) used by threat actors.
- Develop and execute containment, eradication, and recovery plans for security incidents in coordination with incident response teams and other stakeholders.
- Document incident findings, analysis, and actions taken in incident tickets and reports.
- Collaborate with other teams, including IT, network operations, and application teams, to coordinate response efforts and implement security controls.
- Participate in security incident response exercises, tabletop simulations, and post-incident reviews to improve incident response processes and procedures.
- Perform vulnerabilities scanning and support its closure with wider team.
- Stay up to date on emerging threats, vulnerabilities, and security technologies through training, research, and knowledge sharing.
Process, procedure and Knowledge management
- Collaborate with team members and ensure the periodic update of all the SOC specific process, procedures and activity lists.
- Upgrade skills as per the need on ongoing basis to meet the requirement of SOC analyst.
Skills
Required skills to be successful.
- Strong foundational knowledge of information security principles and concepts.
- Proficiency in analytical and problem-solving skills.
- Exceptional communication and teamwork abilities.
- Effective organizational and time management skills, especially in an operational role.
- Commitment to strict adherence to SLAs to provide excellent support for critical business issues.
- Familiarity with commonly utilized security tools and technologies is an asset.
What equips you for the role
- Relevant – Bachelor’s degree in information security, Computer Science, or related field (or equivalent experience).
- Minimum 8+ years of experience