Presidio Where Teamwork and Innovation Shape the Future
At Presidio, we're at the forefront of a global technology revolution, transforming industries through cutting-edge digital solutions and next-generation AI. We empower businesses, and their customers, to achieve more through innovation, automation and intelligent insights.
The Role
The Senior Security Operations Centre (SOC) Analyst assists in deploying, maintaining, tuning, monitoring and managing the security tools used by the Security Operations Centre. The Senior SOC Analyst functions as a Level 2 (Tier 2) analyst and acts as a mentor to other members of the team.
The Tier 2 SOC Analyst reviews alerts escalated by Level 1 analysts and alerts generated by network security devices, the security information and event management (SIEM) platform and other tools as needed; works with other analysts to collect, correlate and analyse security-relevant data and respond to threats in a timely manner. The position reports to the SOC team lead.
Responsibilities include:
- Determine and direct security incident investigation, remediation and recovery efforts.
- Perform Advanced Persistent Threat (APT) correlation across multiple security event sources such as firewall logs, threat intelligence feeds, AV, IDS, IPS and EDR solutions.
- Maintain current knowledge of emerging security threats and relevant regulatory requirements, utilising the latest threat intelligence (such as indicators of compromise and updated detection rules) to identify impacted systems and assess the extent of security incidents.
- Propose and implement new detection use cases.
- Review and fine-tune detections that generate false-positive incidents.
- Conduct research into client network traffic and system activity, looking for security anomalies and suspicious activity.
- Monitor and manage the SIEM and vulnerability management infrastructure.
- Review and assess the severity of vulnerabilities, accurately assign appropriate priorities and propose an effective remediation plan.
- Review and implement efficient vulnerability detection strategies.
- Assist with the development of incident response plans, workflows and Standard Operating Procedures.
- Continuously assess and document the current state of security monitoring tools and recommend enhancements to SOC security processes, procedures and policies.
- Help customers review and interpret security assessments.
- Hold weekly customer calls to review service KPIs, record meeting notes and report to the team lead.
- Adhere to a strict change management process.
- Prepare and evaluate monthly reports, including comprehensive analysis.
- Monitor the service ticket board to ensure tickets are managed and responded to in accordance with the Service Level Agreement (SLA), and consistently perform ticket management tasks in a timely fashion.
- Offer constructive feedback, help automate standardised tasks, and troubleshoot the scripts used to enhance internal operational processes.
- Participate in on-call rotation for after-hours service coverage.
- Other responsibilities and additional duties as assigned by the security management team.
- Offer guidance and support to junior members of the Security Operations Centre team.
Required Skills and Professional Experience
- 3 years of experience working in a Security Operations Centre, utilising Security Information & Event Management (SIEM) systems to correlate events across multiple devices, with proven ability to review and assess vulnerabilities using vulnerability management platforms.
- Proficient knowledge of incident detection and response tools.
- Knowledge of network and server security products, technologies and protocols.
- Good understanding of network security tools such as Intrusion Detection Systems (IDS)/Intrusion Prevention Systems (IPS), firewalls and network packet capture tools.
- Requires a background in at least 2 of the following domains: security analysis and investigations, ethical hacking, incident response, forensic analysis, security engineering, security automation, threat hunting.
- Mandatory experience with SIEM technology (preferably IBM QRadar and Microsoft Sentinel) and a vulnerability management platform (preferably Qualys).
- Desired experience with EDR technologies, preferably Sophos or Microsoft Defender for Endpoint.
- Desired experience with scripting tools (bash, Python).
- Familiarity with security devices such as firewalls and IPS/IDS systems, as well as networking concepts related to routing and switching.
- Security certifications such as CISSP, CISM, GIAC certifications, CEH, CompTIA Security+, etc.
Your future at Presidio
Joining Presidio means stepping into a culture of trailblazers, thinkers, builders and collaborators who push the boundaries of what's possible. With our expertise in AI-driven analytics, cloud solutions, cybersecurity and next-gen infrastructure, we enable businesses to stay ahead in an ever-evolving digital world.
Here, your impact matters. Whether you're harnessing the power of Generative AI, architecting resilient digital ecosystems or driving data-driven transformation, you'll be part of a team that is shaping the future.
Ready to innovate? Let's redefine what's next, together.
About Presidio
At Presidio, speed and quality meet technology and innovation. Presidio is a trusted ally for organizations across industries, with a decades-long history of building traditional IT foundations and deep expertise in AI and automation, security, networking, digital transformation and cloud computing. Presidio fills gaps, removes hurdles, optimizes costs and reduces risk. Presidio's expert technical team develops custom applications, provides managed services, enables actionable data insights and builds forward-thinking solutions that drive strategic outcomes for clients globally. For more information visit .
Presidio is committed to hiring the most qualified candidates to join our amazing culture. We aim to attract and hire top talent from all backgrounds, including underrepresented and marginalized communities. We encourage women, people of color, people with disabilities and veterans to apply for open roles at Presidio. Diversity of skills and thought is a key component of our business success.
Recruitment Agencies, Please Note: Presidio does not accept unsolicited agency resumes/CVs. Do not forward resumes/CVs to our careers email address, to Presidio employees, or by any other means. Presidio is not responsible for any fees related to unsolicited resumes/CVs.
#LI-DC1
Required Experience:
Senior IC