Senior Security Analyst


Are you a Security Analyst looking to progress to the next stage of your career, or a Senior Security Analyst looking to work on challenging and exciting projects? Are you looking for a new opportunity to work with cutting-edge technology in a state-of-the-art environment? Then look no further: this role is for you.

Key responsibilities:

  • Monitor the alarm console; provide initial analysis of logs and network traffic; and make security event determinations on alarm severity, escalation, and response routing
  • Provide communication and escalation throughout an incident in accordance with the company's Security Incident Management guidelines
  • Act as the primary escalation point for other Security Analysts monitoring the Security Information and Event Management (SIEM) system, and provide the initial investigation of security incidents. Take an active part in the containment of incidents, even after they are escalated
  • Deliver investigation and remediation activities as a member of the Security Incident Response Team (SIRT) and participate in SIRT events
  • Coordinate with data asset owners and business response plan owners during high-severity incidents and vulnerabilities
  • Conduct research and assessments of security events; analyse events produced by firewalls, IDS, anti-virus, and other network sensors; present findings as input to the SIRT
  • Lead the Compliance/Vulnerability Assessment (VA) scanning programme, taking ownership of the platforms and processes. Follow a documented process for routine scanning of the company's infrastructure and network elements. Develop mitigation and remediation plans based on the vulnerability assessment findings
  • Monitor threat and vulnerability news services for information that may affect installed infrastructure. Analyse reports to understand threat campaign techniques and lateral movement, and extract indicators of compromise (IOCs)
  • Analyse and interpret information from SOC systems, including incident identification and analysis, escalation procedures, and reduction of false positives
  • Create and update security event investigation notes, conduct shift-change reports on open cases, and maintain case data in the Incident Response Management platform
  • Engage continuously with the Threat Intelligence and 24x7 Monitoring teams
  • Provide ad-hoc on-call support to review threats and response actions for out-of-hours critical threat detections
  • Document information security operations policies, processes, and procedures

Essential Knowledge and Skills:

  • A university degree or equivalent in Information Security, Forensics, or Computer Science, together with related experience and/or training in IT security monitoring and analysis, cyber threat analysis, and vulnerability analysis
  • A Global Information Assurance Certification (GIAC) Certified Incident Handler (GCIH), GIAC Certified Intrusion Analyst (GCIA), or equivalent certification would be advantageous
  • Intermediate knowledge of information security fundamentals, technologies, and design principles
  • Understanding of, or proven experience in, securing Windows, Linux, Oracle, and virtualised platforms
  • Understanding of, or proven experience with, QRadar or similar Security Information and Event Management (SIEM) tools for analysing network and security incidents
  • Experience operating Tenable Network Security Nessus, BeyondTrust Retina, or similar Vulnerability Assessment (VA) scanners to identify network and platform risks and misconfigurations, and experience with security assessment tools and frameworks (Nmap, Nessus, Metasploit, Netcat)
  • Knowledge of network security zones, firewalls, and IDS
  • Experience with network analysis tools such as Wireshark and tcpdump
  • Knowledge of log formats (syslog, HTTP logs, database logs) and how to gather forensic evidence that can be traced back to the originating event
  • Knowledge of packet capture and analysis
  • Experience with log management or security information management tools
  • Advanced SIEM/IDS content-building training
