
Cyber Security Analyst - L2


Job Location

Lahore - Pakistan

Monthly Salary

Not Disclosed

Vacancy

1 Vacancy

Job Description

Req ID : 2753708

Requirements:

  • Bachelor's degree (or equivalent) in Computer Science, Cybersecurity, Information Security, or a related field.
  • Minimum 3 years of information security experience with a very strong technical background.
  • Demonstrated Threat Hunting and Incident Response experience.
  • Experience with threat hunting methodologies and tools, including but not limited to SIEM platforms, EDR solutions, network traffic analysis tools, and threat intelligence feeds.
  • Well versed in analyzing and interpreting security logs, network traffic, and endpoint data to identify and investigate potential security incidents.
  • Proficient in crafting advanced SIEM queries for detection criteria; adept at fine-tuning use cases and collaborating with log source stakeholders to establish baselines, ensuring enhanced detections and improved detection fidelity.
  • Strong analytical, problem-solving, and critical-thinking skills, with the ability to work effectively in high-pressure situations.
  • Experience with threat intelligence frameworks and methodologies, including STIX/TAXII, the MITRE ATT&CK framework, and other relevant standards.
  • A security certification such as GIAC Cyber Threat Intelligence (GCTI), GIAC Continuous Monitoring (GMON), GIAC Certified Intrusion Analyst (GCIA), GIAC Certified Incident Handler (GCIH), or equivalent is a plus.

Responsibilities:

  • Conduct proactive threat hunting exercises to identify advanced and persistent threats within the organization's network and systems.
  • Collaborate with cross-functional teams to develop and refine threat hunting methodologies, leveraging both internal and external threat intelligence sources (OSINT).
  • Analyze threat data from various sources, including logs, network traffic, and endpoints, to identify indicators of compromise (IOCs) and tactics, techniques, and procedures (TTPs) associated with cyber threats.
  • Investigate and respond to security incidents, analyzing the scope and impact of breaches and developing mitigation strategies.
  • Craft and refine detection rules, leveraging SIEM platforms, query languages, and custom scripts to develop robust and effective detection mechanisms.
  • Create and maintain detailed documentation of threat hunting processes, findings, and incident response procedures.
  • Proven ability to analyze and interpret log data from diverse sources, including network and endpoint logs, to identify patterns indicative of security incidents and potential vulnerabilities.
  • Produce timely and accurate reports on threat hunting activities, findings, and recommended actions to stakeholders and management.
  • Familiarity with a range of industry-leading detection tools, frameworks, and methodologies, ensuring the implementation of a robust and effective detection infrastructure aligned with organizational security objectives.
  • Strong understanding of common cyberattack techniques such as phishing, malware propagation, lateral movement, and data exfiltration.
  • Collaborate with the incident response team to develop and enhance incident response playbooks, ensuring alignment with threat intelligence insights.

Remote Work:

No

Employment Type

Full Time

Company Industry
