The Cyber Security Analyst is responsible for safeguarding the organization’s IT infrastructure and data by monitoring, analyzing, and responding to security threats and incidents. This role involves proactive threat detection, incident management, and ensuring compliance with industry security standards. The Cyber Security Analyst collaborates closely with IT and business teams to mitigate risks and enhance the organization’s overall security posture.
Key Roles and Responsibilities
Security Monitoring:
- Monitor the organization’s SIEM and SOAR platforms on a daily basis.
- Supervise the organization’s security devices, including firewalls, IDS/IPS, EDR, DLP, and Email Security Gateways.
Incident Management:
- Establish and oversee an organization-wide security incident management framework.
- Investigate security incidents, identify root causes, and recommend effective remediation measures.
- Analyze malware activities and their potential impact on business-critical systems.
Threat Analysis and Mitigation:
- Perform event log analysis and correlation to identify and respond to potential threats.
- Propose and implement mitigations for identified security vulnerabilities.
Compliance and Governance:
- Ensure compliance with industry standards such as ISO 27001 and support data governance initiatives.
- Leverage Microsoft Compliance and Purview tools to maintain regulatory compliance.
Collaboration:
- Work closely with IT teams to address security issues and implement corrective actions.
- Report findings and recommendations directly to the Manager.
Essential/Required Competencies
Education:
- Bachelor’s degree in Computer Science, Information Technology, Cybersecurity, or a related field.
Experience:
- Minimum of 4 years of hands-on experience in a cybersecurity role.
- Proven expertise in security monitoring tools such as Microsoft Defender EDR, Sentinel, and Purview.
- Experience with security technologies, including firewalls, IDS/IPS, EDR, DLP, and Email Security Gateways.
- Familiarity with Darktrace or similar AI-based security tools.
- Strong background in event log analysis and correlation.
Skills:
- In-depth understanding of network security, cloud security, and compliance frameworks such as ISO 27001.
- Hands-on experience with scripting languages (e.g., Python) for automation and threat analysis.
- Strong knowledge of threat intelligence, vulnerability assessments, and incident response processes.
- Proficiency in analyzing malware activities and root cause identification.
- Effective communication and collaboration skills to work with cross-functional teams.
- Critical thinking, problem-solving, and attention to detail.