Job purpose
The Senior Cybersecurity Operations Analyst is a key player in the organization’s cybersecurity strategy, responsible for monitoring, analyzing, and responding to security events. This role involves performing technical analysis and triage of alerts from various log sources to assess impact, scope, and determine appropriate actions to mitigate incidents. This role also involves working closely with other teams to ensure ethe security of the organization’s systems, networks, and data.
Key duties and responsibilities
Security Monitoring & Incident Response:
- Monitor and analyze security alerts from various security platforms (SIEM, IDS/IPS, endpoint protection, etc.)
- Respond to and investigate security incidents ensuring timely recovery
- Coordinate with internal teams and external vendors to address and mitigate threats.
- Develop incident response playbooks
Threat Intelligence & Analysis:
- Analyze emerging threats and vulnerabilities, providing actionable guidance to proactively protect assets.
- Leverage information to identify anomalies, Indicators of Attack (IOA), and Tactics, Techniques, and Procedures (TTP)
- Contribute to the development and tuning of detection rules
- Coordinate and manage incident response efforts, including communication with stakeholders and post-incident reviews.
Vulnerability Management:
- Assist in vulnerability scanning and risk assessment activities.
- Track and support internal teams through the remediation of identified vulnerabilities to ensure timely resolution.
Security Tools & Technologies:
- Maintain and optimize security tools, ensuring proper configuration and operations
- Drive solutions to improve the Security Operations function
Documentation & Reporting:
- Document incidents, investigations, and resolutions in detail.
- Generate regular reports on security metrics and provide insights to leadership.
Compliance & Governance:
- Support audits, compliance reviews, and security policy enforcement.
- Ensure adherence to organizational and regulatory security requirements.
Qualifications
Required Qualifications:
- BS/BA in computer science, engineering, or relevant field
- 3-5-years of experience in a Security Operations Center or related role.
- Strong understanding of security concepts, including network security, malware analysis, and threat intelligence.
- Familiarity with cloud security ( AWS and Azure)
- Demonstrate expertise in leveraging security tools (e.g. Qualys, Sentinel One, M365 Security, AWS Security)
- Familiarity with frameworks such as MITRE ATT&CK, NIST, and CIS.
- Strong communication, analytical and problem-solving skills.
Preferred Qualifications:
- Industry certifications such as CEH, GCIH, GCFR
- Knowledge of scripting and automation (Python, PowerShell)
Job Type: Contract
Pay: $50.00 - $60.00 per hour
Experience:
- in a Security Operations Center : 1 year (Required)
- Threat intelligence: 1 year (Required)
- security platforms (SIEM, IDS/IPS, endpoint protection): 1 year (Required)
- Vulnerability management: 1 year (Required)
- MITRE ATT&CK, NIST, and CIS: 1 year (Required)
- Qualys: 1 year (Preferred)
Work Location: Remote
