About the job Senior IT Analyst (Security)
1. Security Event Analysis & Incident Management
- Analyze and respond to security events from SIEM, EDR, NDR, and other systems.
- Manage incident detection, triaging, intrusion attempts, breaches, and malware infections.
- Conduct phishing analysis, manage suspicious emails, and quarantine emails/files before release.
2. Threat Analysis
- Conduct malware analysis and threat hunting.
- Share indicators of compromise with relevant stakeholders.
3. Cybersecurity Operations Collaboration
- Participate in roundtable discussions to share insights, discuss notable incidents, and identify improvements.
- Communicate and discuss requests received by ITOD-CS and other ITD teams.
- Provide input for system fine-tuning and noise reduction.
4. Incident Metrics and Monitoring
- Review open promoted incidents to ensure alignment with defined reference values, contributing to overall Cybersecurity Operations Team performance.
- Contribute to the identification and resolution of aging incidents, ensuring healthy metrics in terms of quality and quantity, such as maintaining Mean Time to Closure (MTTC) below the agreed threshold.
5. Security Monitoring and Infrastructure Management
- Monitor the availability of security systems and log ingestion from multiple sources.
- Assist with workstation, software, and file scanning, as well as other end-user security concerns.
- Support Endpoint Detection and Response (EDR) policies and server application whitelisting.
6. Process Documentation and Automation
- Document and automate security processes.
- Support Security Orchestration, Automation, and Response (SOAR) initiatives.
7. Collaboration and Communication
- Coordinate with team members and managed security service providers (MSSP) for incident resolution, fine-tuning, and noise reduction.
- Collaborate with the reporting line and ITOD-CS on compliance management, data security, security architecture, cyber hygiene, risk governance, security audits, and operational incident response support, including brand protection, phishing investigations, and USB unblocking.
- Collaborate with vulnerability management efforts, particularly in dissemination and reporting activities.
8. Continuous Improvement and Reporting
- Stay updated on security trends and translate insights into actionable improvements.
- Provide training and mentoring to colleagues.
- Escalate or report significant security detections to the reporting line, including notable or unusual events, VIP-related detections, and other critical findings.