Senior Cyber Security Analyst

Role Purpose

The Cybersecurity Senior Analyst plays a critical role in monitoring, analyzing, and responding to security incidents within the organization. This position serves as a second-level escalation point for complex security events and contributes to the continuous improvement of detection and response capabilities.

The analyst works closely with Tier 1 analysts, incident responders, and threat intelligence teams to safeguard the organization's digital assets. A key aspect of the role involves leveraging Splunk for security monitoring and investigation.

Key Accountabilities & Activities

Security Monitoring and Incident Response

• Investigate and respond to security alerts escalated from Tier 1 analysts using Splunk and other security tools.
• Analyze logs, network traffic, and endpoint data to identify patterns and potential threats.
• Ensure timely containment, eradication, and recovery of confirmed security incidents.
• Document incidents thoroughly and participate in post-incident reviews and reporting.

Threat Detection and Content Tuning

• Develop and fine-tune correlation rules, dashboards, and alerts in Splunk to improve threat detection capabilities.
• Contribute to the continuous improvement of detection use cases based on threat intelligence.
• Validate new alerts and detection logic through testing and simulation exercises.

Vulnerability and Risk Management Support

• Assist in assessing vulnerabilities and prioritizing remediation efforts based on risk impact.
• Collaborate with IT teams to ensure patching and configuration management aligns with security best practices.
• Analyze vulnerability scan results and correlate them with asset context to advise on risk exposure.
• Track and follow up on open security issues to ensure resolution within SLAs.

Knowledge Sharing and Process Improvement

• Develop and maintain standard operating procedures (SOPs) and investigation playbooks.
• Identify gaps in detection and response processes and propose improvements.
• Stay updated with emerging threats, tools, and cybersecurity trends through continuous research and training.

Job Specifications

Academic and Professional Qualifications

• Bachelor's Degree in Computer Science, Software Engineering, Information Technology, or a related field.
• MBA or equivalent postgraduate qualification is preferred.

Years and Nature of Experience

• 3 5 years of relevant experience in a related industry.