Cybersecurity Analyst

Key Responsibilities

•  Threat Detection and Monitoring 

  •  Log analysis – Review system logs for suspicious activity. Microsoft Sentinel and Defender XDR platforms. 

  •  Threat Hunting – Proactively search for hidden cyber threats. KQL. 

•  Incident Response 

  •  Investigate and respond to cyber incidents alerted by the Cyber Defence Centre and SIEM platform. 

  •  Work with internal IT and OT teams to respond to, remediate, and recover from cyber incidents. 

  •  Document incident response scenarios. 

•  Security Hardening

  •  Drive remediation of security vulnerabilities and misconfiguration with IT and OT teams.  

  •  Perform access reviews, dormant and unauthorised device reviews, and drive remediation. 

•  Cyber Security Assessments 

  •  Conduct risk assessments and document action plans in risk registers. 

  •  Facilitate risk response activities and document outcomes.

  •  Report on non-compliance. 

  •  Facilitate third-party security reviews. 

•  Security Awareness 

  •  Conduct phishing and other security-related simulations.

  •  Perform role-based security awareness. 

  •  Drive remedial training activities. 

•   Red Teaming 

  •  Maintain the red-team platform. 

  •  Conduct attack simulations. 

  •  Drive remediation with the blue team and IT teams. 

•  Reporting and Processes 

  •  Document security processes and procedures. 

  •  Produce weekly, monthly and quarterly security reports for management.  

Skills and Competencies

• Good verbal communication, able to communicate technical information with other technical teams.

• Good written communication, including being able to write clear, concise emails and reports.

• Willingness to learn. 

• Proactive attitude.

• Able to work in a multicultural context.

• Able to influence others without line authority.

• Good analytical and problem-solving ability, with a solutions-focused approach

• Good facilitation skills and the ability to coordinate with others to achieve objectives

• Able to work well under occasional high stress/high-risk situations.

• Able to handle multiple tasks, prioritise work and work effectively under limited supervision.

Experience & Qualifications

The following experience and qualifications are considered minimum requirements.

• 2+ years’ experience in a security analyst or operations role with hands-on experience with the Microsoft security suite of products. 

• Any one of the following: CompTIA Security +, Certified in Cybersecurity (CC) – ISC², ISACA Certified Cybersecurity Operations Analyst™ (CCOA™) or 

• Code B driver’s license.

The following experience and qualifications would be considered an advantage to an applicant.

• Microsoft Certified: Security Operations Analyst Associate (SC-200)

• SSCP – Systems Security Certified Practitioner - ISC²

• Certified as competent in CompTIA Cyber Security Analyst (CySA) or EC-Council Certified Network Defender (EC-CND).

• Experience with Defender XDR, Intune, and Red Team platforms. 

• Experience with the Knowbe4 security awareness platform. 

• Experience performing risk assessments. 

• Experience conducting third-party risk assessments.  

• Experience with Operational Technology environments.