Cyber Security Analyst

• The Cyber Security Analyst is responsible for safeguarding the organization’s digital assets by identifying and mitigating potential security risks, monitoring network activity for unusual behaviour, and responding to incidents. This role requires a strong understanding of security best practices,
  hands-on experience with various security tools, and the ability to respond quickly and effectively to emerging threats.
  A key focus of this role is on the effective management and optimization of the Security Information and Event Management (SIEM) system, ensuring it provides actionable intelligence for rapid threat response. This role will require strong analytical skills, good collaboration skills, detailed working knowledge of current and emerging security technologies, and the ability to correlate events to identify abnormal behaviour.
  Responsibilities:
  • Responsible to ensure accurate and rapid response to security events.
  • Analyze security logs, SIEM alerts, and incident reports to identify and mitigate risks.
  • Respond to and investigate security incidents, including breaches, malware outbreaks, and phishing attacks. Monitor networks and systems for security breaches, alerts, and anomalous activity.
  • Conduct root-cause analysis to prevent future incidents and develop incident response procedures.
  • Provide analysis and trending of security log data from various security devices
  • Configure and maintain SIEM tools to align with the organization’s security objectives and threat landscape.
  • Create custom SIEM dashboards and reports for different stakeholders to visualize critical security metrics and incident data.
  • Develop and optimize SIEM content, including rules, alerts, and correlation logic, to improve threat detection and response.
  • Regularly review and tune SIEM rules to reduce false positives, enhance event correlation, and maintain relevance to evolving threats.
  • Document and update SIEM processes and configurations, ensuring a high level of data accuracy and availability.
  • Perform regular vulnerability scans and assist in patch management processes. Work with IT teams to prioritize and remediate them.
  • Recommend solutions to mitigate risks in any activity that may potentially impact security of existing IT and information management
  • Ensure compliance with industry regulations (e.g. GDPR, ISO 27001) and company policies.
  • Assist in the development, implementation, and maintenance of security policies, standards, and guidelines.
  • Assist in training staff on security best practices, including phishing awareness and data protection.
  • Help develop educational materials and conduct periodic security awareness training.
  • Advise and consult internal/ external customers on risk assessment, threat modelling and vulnerability management. Perform risk assessments and recommend security measures to mitigate potential risks.
  • Document risks, vulnerabilities, and remediation strategies in a detailed risk management report.
  • Maintain up-to-date knowledge of the IT security industry, including awareness of new or revised security solutions, improved security processes and development of new attacks and threat vectors.
  • Manage and optimize security tools, such as firewalls, antivirus software, and intrusion detection/prevention systems (IDPS).
  • Perform 1st level troubleshooting on servers and network issues with regards to log collection/security tools.
  • Generate reports on security metrics, incidents, and remediation efforts for management.
  • Maintain accurate documentation of incidents, security changes, and system configurations.
  • Any other ad-hoc duties as required or assigned.

Bachelor Degree or Advanced Diploma in Computer Science, Information Technology,
Cybersecurity from a recognized university or related field (or equivalent experience)
At least 1-3 years in a cybersecurity role, with hands-on experience in SIEM content management, network security, threat monitoring, or incident response.
Strong knowledge of cybersecurity principles, practices, and technologies.
Expertise in SIEM tools and content management, including rule creation, alert tuning, and report customization.
Proficiency with security tools like firewalls, IDPS, antivirus, and vulnerability scanners.
Knowledge of scripting (Python, PowerShell) for automation within the SIEM environment is a plus.
Ability to analyze and interpret security data to identify vulnerabilities and potential threats.
Excellent communication skills, with the ability to explain complex security concepts to non-technical stakeholders.
Strong analytical skills and attention to detail.
Ability to work on-call or off-hours as needed to respond to security incidents.
May require occasional travel for training or workshop.
Experience in the application of threat modelling or other risk identification techniques.
Detailed knowledge of system security vulnerabilities and remediation techniques, including penetration testing and the development of exploits.
Breadth of knowledge in information security space with emphasis on TCP/IP network security, operating system security, common attack patterns and exploitation techniques.
Relevant certifications (e.g., CompTIA Security+, Certified Information Systems Security
Professional (CISSP), Certified Ethical Hacker (CEH), GIAC Security Essentials (GSEC)) are a plus.
Effective leadership skills and a team player.
Strong sense of ownership and drive.