Engineer
CREQ230982 Requisition #
Key responsibilities & Accountabilities:

* Designing, implementing, and maintaining tooling and processes to enhance CLIENT's IT security posture.
* Advising developers on best practice and security architecture during development
* Conducting security reviews of software prior to release to ensure it meets CLIENT's security requirements.
* Acting as an escalation point for investigation and resolution of events where more junior members of the team require support.
* Creation of SOPs, policies, and procedures relating to our Information Security practices.
* Assisting in the review and mitigation of vulnerability assessments, penetration tests, and security audits, and working with IT to mitigate any identified risks.
* Assessment of vulnerabilities to identify the potential impact to CLIENT.
* Keeping up to date with the latest cyber security trends and updates.

Skills & Ability

* An analytical thinker with excellent problem-solving skills
* High attention to detail
* Security Detection and Monitoring
* Incident Response
* SIEM tools (Azure Sentinel)
* Vulnerability Management
* Secure Software Development

Knowledge & Experience

* 1+ Years previous experience working within the Cyber Security industry.
* Working knowledge of Windows and Active Directory (including Azure Active Directory)
* Hands on working with Office 365 and Azure
* Networking, including TCP/IP and other common protocols.
* Use of SASE including Cato preferred but not essential.
* Experience in cyber forensics preferred but not essential.
* Working knowledge of security standards and frameworks
* Any Microsoft certification would be a bonus, but not essential.

Key Responsibilities and Accountabilities

* Investigate and resolve escalated advanced security incidents
* Collect forensic data, analyze root causes, restore systems, and lead containment, eradication, and recovery
* Conduct post-incident reviews to identify and fix gaps
* Mentor L1 analysts on investigations, escalation, and threat mitigation
* Lead SOC knowledge sharing and review escalated cases for proper triage and analysis
* Collaborate with IT, engineering, and compliance to improve workflows and response plans
* Develop training materials and maintain the SOC knowledge base aligned with best practices
* Tune detection tools to improve accuracy and reduce false positives
* Manage complex tuning requests and refine detection logic
* Conduct threat hunting on hosts, domains, and networks
* Use threat intelligence to identify and counter emerging threats
* Develop detection rules for network and host threats
* Expand coverage using IOAs and IOCs
* Manage SIEM, EDR, XDR, scanners, firewalls, and email gateways
* Stay updated on threats and mitigation
* Participate in red/blue team exercises
* Create detailed reports on incidents, threats, and SOC performance
* Present briefings to stakeholders
* Ensure documentation is thorough and shared
* Maintain 24/7 SOC readiness
* Escalate complex events, guide junior analysts, and improve workflows and detection

Skills and Abilities

* Strong knowledge of security frameworks, MITRE ATT&CK, SIEM, EDR, XDR, scanners, firewalls, IDS/IPS
* Skilled in log analysis, forensics, and event correlation
* Able to analyze malicious activity across endpoints, networks, and cloud
* Excellent problem-solving, communication, multitasking, and adaptability under pressure

Knowledge and Experience

* 3+ years of SOC or cybersecurity experience
* Bachelor's degree in Cybersecurity, Computer Science, or a related field, or equivalent experience
* Certifications such as CompTIA CASP+, PenTest+, eCTHP, BTL2, or GCIH preferred
