This position is a critical role within the organization, serving as the primary point of contact for potential security incident escalation during significant incidents or crisis situations. This involves close collaboration with the Computer Incident Response Team (CIRT), Senior Management, and Senior Analysts.
The role also includes providing guidance and mentorship to junior staff members, fostering their growth and development within the organization. As a 24/7 escalation point for Senior Analysts, this role requires a high level of commitment and availability.
A key part of the role is contributing to the continuous business development opportunities within Global Management Solutions (GMS). This involves staying abreast of emerging threats and vulnerabilities in the cybersecurity landscape and ensuring that all analysts within the Security Operations Centre are adequately trained to handle these threats.
The role also involves conducting comprehensive triage and investigation for various security systems, including IDS/IPS, Full Packet Capture devices, Firewall, DDoS detection and mitigation, availability and SIEM platforms. This is crucial for identifying potential threats, vulnerabilities, and indicators of compromise.
Another important aspect of the role is executing Threat Hunting engagements, performing deep dives, and serving as a technical escalation point for incidents. This includes functioning as an incident handler during high-priority incidents and providing incident remediation and prevention documentation and recommendations to customers.
The role also involves documenting and developing new processes related to security monitoring procedures and delivering customer service that consistently exceeds customer expectations.
Initiating escalation procedures to counteract potential threats, vulnerabilities, and threat actors is another key responsibility. This involves compiling, reviewing, and publishing service-focused reports.
Finally, the role serves as an escalation point for all members of the Cyber Monitoring team, offering assistance and mentorship as necessary. This includes contributing to analyst training programs and continuous improvement initiatives, and actively contributing to the continuous improvement of Security Operations Centre (SOC) procedures and documentation.
Key Accountabilities:
* Serve as the principal point of contact for potential security incident escalation during significant incidents or crisis situations, in collaboration with the Computer Incident Response Team (CIRT), Senior Management, and Senior Analysts.
* Offer guidance and mentorship to junior staff members.
* Function as a 24/7 escalation point for Senior Analysts.
* Contribute to the continuous business development opportunities within Global Management Solutions (GMS).
* Maintain an advanced understanding of emerging threats and vulnerabilities.
* Ensure the development and maintenance of training plans for all analysts within the Security Operations Centre.
* Foster collaborative relationships with internal stakeholders and clients, with a strong emphasis on growth.
* Conduct comprehensive triage and investigation for IDS/IPS, Full Packet Capture devices, Firewall, DDoS detection and mitigation, availability and SIEM platforms, identifying potential threats, vulnerabilities, and indicators of compromise.
* Execute Threat Hunting engagements, perform deep dives, and serve as a technical escalation point for incidents.
* Function as an incident handler during high-priority incidents.
* Provide incident remediation and prevention documentation and recommendations to customers, based on established procedures and analyst experience.
* Document and develop new processes related to security monitoring procedures.
* Deliver customer service that consistently exceeds customer expectations.
* Initiate escalation procedures to counteract potential threats, vulnerabilities, and threat actors.
* Compile, review, and publish service-focused reports.
* Serve as an escalation point for all members of the Cyber Monitoring team, offering assistance and mentorship as necessary.
* Contribute to analyst training programs and continuous improvement initiatives.
* Actively contribute to the continuous improvement of Security Operations Centre (SOC) procedures and documentation.
Requirements:
* Previous experience working in a technical, client-facing capacity within a SOC.
* Minimum 2-4 years of experience within a SOC Senior Analyst role.
* Splunk Certified Power User/Advanced Power User.
* CREST, GIAC or CISSP certification.
* Degree in related field.
* Other relevant certifications.
Behaviours:
* Professionalism: Conduct yourself with professionalism, integrity, and ethical behaviour in all interactions and situations.
* Proactive: Demonstrate a proactive approach to process improvement and process creation, ensuring conformity to the standards of the MXDR SOC.
* Collaboration: Work well within a team environment, communicating effectively with colleagues from different departments and sharing insights to improve security posture.
* Adaptability: Embrace changes in technology and processes, adapting to new challenges and learning quickly in a dynamic security landscape.