Security Operations Analyst (Level 3)

About the role

Are you passionate about cybersecurity? Do you have a strong attention to detail and proven track-record of delivering results?

We are looking for a motivated Security Operations Analyst (Level 3) who lives and breathes cybersecurity and customer satisfaction.  You will work with a team of experts to deliver exemplary internal and external services by using your strong documentation skills, technical knowledge, analytical skills, and ability to collaborate with others, and determination and drive for constant improvement.

You will be performing security monitoring, security and data/log analysis and forensic analysis, to detect security incidents, and to response to incidents. You will also investigate and utilise new technologies and processes to enhance security capabilities and implement improvements.

Key responsibilities

• Monitor Red Piranha and its clients’ networks, computers and applications for anomalous behaviour in the networks
• Analyse, contain and eradicate security threats, ensuring swift resolution for clients
• Provide analysis and trending of security log data from a large number of heterogeneous security devices;
• Provide incident response (“IR”) support when analysis confirms an actionable incident;
• Provide threat and vulnerability analysis as well as security advisory services;
• Perform dark web monitoring
• Investigate, document, and report on information security issues and emerging trends;
• Integrate and share information with other analysts and other teams;
• Complete information security management systems documentation for Red Piranha and its clients based around its risk audits and reports;
• Forensic analysis of SIEM events and log files; and
• Work on IDS/IPS rule creation and analysis.

About you

• Master of Cybersecurity, with 3-5 years of hands-on experience in a security operations (SOC) environment   
• Excellent English, verbal and written communication skills (as you will be communicating with our international audience) while delivering a customer centric approach
• A solid understanding of systems administration, networking, security/compliance frameworks (eg ISO27001) threat models, attack vectors and defence mechanisms
• Experienced in using tools like Splunk, ArcSight, QRadar to monitor and analyse security events
• Familiar with IDPS such as Snort, Suricata or Bro
• Understanding and able to apply knowledge of how firewalls, antivirus software and vulnerability management systems work
• Ability to investigate security incidents, analyse the root cause and respond to security breaches
• Basic knowledge of forensic investigation techniques and tools for analysing malicious software
• Understanding of Windows, Linux, and Mac OS environment, with scripting skills in languages like Python, Powershell, or Bash
• Strong incident response across MS Azure, AWS, etc
• Ability to work as a part of a team or autonomously
• Strong customer service and problem-solving skills
  
  

Desirables

• Experience with SOC and CTI platforms such as The Hive, Cortex, Cuckoo Sandbox
  
  

Clearance Requirements

• Ability to obtain and maintain Police Clearance or Defence clearances