Engineer
Requisition #: CREQ230982
Thanks for your interest in the Security Analyst position. Unfortunately this position has been closed but you can search our 987 open jobs by clicking here.

Key Responsibilities and Accountabilities

  • Investigate and resolve escalated advanced security incidents

  • Collect forensic data, analyze root causes, restore systems, and lead containment, eradication, and recovery

  • Conduct post-incident reviews to identify and fix gaps

  • Mentor L1 analysts on investigations, escalation, and threat mitigation

  • Lead SOC knowledge sharing and review escalated cases for proper triage and analysis

  • Collaborate with IT, engineering, and compliance to improve workflows and response plans

  • Develop training materials and maintain SOC knowledge base aligned with best practices

  • Tune detection tools to improve accuracy and reduce false positives

  • Manage complex tuning requests and refine detection logic

  • Conduct threat hunting on hosts, domains, and networks

  • Use threat intelligence to identify and counter emerging threats

  • Develop detection rules for network and host threats

  • Expand coverage using IOAs and IOCs

  • Manage SIEM, EDR, XDR, scanners, firewalls, and email gateways

  • Stay updated on threats and mitigation

  • Participate in red/blue team exercises

  • Create detailed reports on incidents, threats, and SOC performance

  • Present briefings to stakeholders

  • Ensure documentation is thorough and shared

  • Maintain 24/7 SOC readiness

  • Escalate complex events, guide junior analysts, and improve workflows and detection

Skills and Abilities

  • Strong knowledge of security frameworks, MITRE ATT&CK, SIEM, EDR, XDR, scanners, firewalls, IDS/IPS

  • Skilled in log analysis, forensics, and event correlation

  • Analyze malicious activity across endpoints, networks, and cloud

  • Excellent problem-solving, communication, multitasking, and adaptability under pressure

Knowledge and Experience

  • 3+ years SOC or cybersecurity experience

  • Bachelor's degree in Cybersecurity, Computer Science, or a related field, or equivalent experience

  • Certifications like CompTIA CASP+, Pentest+, eCTHP, BTL2, GCIH preferred
