Security Analyst II

Responsibilities:

• Perform initial triage and advanced analysis tasks across endpoint, SIEM, server, and network infrastructure.
• Perform proactive security investigations and searches on client environment to detect malicious activities
• Perform Incident investigations and deep dive analysis on detected threats.
• Understand and identify indicators of attack and compromise in alerts, by hunting through data, and by reviewing past investigations.
• Have full understanding of the MITRE ATT&CK framework. Mapping clients’ use cases to tactics and techniques.
• Triage, review, and provide log data for more insight and recommendations to escalate through SIEM.
• Effective oral communications and writing/drafting skills.
• Maintain up to date knowledge and understanding of the current threat landscape.

Requirements:

• 3 or more years of progressing/in-depth IT security experience.
• Demonstrate experience in using Endpoint Detection and Response software (SentinelOne, CrowdStrike, Defender, etc.)
• Advanced knowledge of at least one leading SIEM platform (Microsoft Sentinel, Splunk, Elastic, Google Chronicle, Sumo Logic etc.)
• Experience in SOC and Incident Response activities.
• Understanding of SIEM correlation, use cases and events.
• Should hold at least one industry certification Sec+, CEH, SC 200, Any Cloud Certification and Cloud Security Fundamentals.
• Basic scripting or development experience would be an added advantage.

We may use artificial intelligence (AI) tools to support parts of the hiring process, such as reviewing applications, analyzing resumes, or assessing responses. These tools assist our recruitment team but do not replace human judgment. Final hiring decisions are ultimately made by humans. If you would like more information about how your data is processed, please contact us.