As a Security Analyst, your role on the team will include leveraging your knowledge of industry best practices, good judgment and problem-solving skills to execute security operations.
Areas of concentration include firewalls, intrusion detection/prevention, encryption, antivirus, incident response, and security event management.
In this position you will:
- Provide security monitoring for a growing environment; support incident responses and provide root cause analysis support for incidents.
- Provide information security reporting and metrics, and provide input into improving them; identify and recommend improvements to internal investigation capabilities via tool building.
- Provide assistance in recovering from security breaches; participate in the investigation and remediation of security incidents; establish configuration policies for security technologies.
- Review aggregated server logs, firewall logs, intrusion prevention logs, and network traffic for unusual or suspicious activity.
- Conduct research on emerging threats in support of security enhancement and development efforts; recommend security improvements, upgrades, and/or purchases.
Key Skills Required for the role:
- A strong IT technical background and experience working in a SOC environment.
- Functional knowledge of understanding and configuring open source toolsets, for example Splunk, Logstash, Redis, Elasticsearch, and Kibana (ELK).
- Experience using analysis toolsets such as, but not limited to, SIEMs (e.g. Splunk, ELK, LogRhythm, McAfee, IBM QRadar), IDS/IPS (network- and host-based), NAC, FIM, DLP, vulnerability management tools, network monitoring tools, and cyber security case management (e.g. SNow).
- Functional knowledge of TCP/IP protocol suite, LAN/WAN technologies, switching, routing, VoIP and Telephony technologies, firewalls and VPN, intrusion prevention systems (IPS), vulnerability assessment and patch management tools.
- Functional knowledge of UNIX, Linux, Apple and Windows technologies.
- Functional knowledge of operating protocol analysers and analysing their output.
- Experience using Security Information and Event Management (SIEM) platforms and case management tools.
- Active CISSP, SSCP, SANS certifications, Security or equivalents.
- Knowledge of building and consuming RESTful web services.
- Knowledge of JSON, Query String Query, and Python (or similar).
If you are interested, please forward a copy of your most recent CV.
The deadline for this role is 17/03/2017 at 3pm.
We look forward to hearing from you.