Ultimately you are responsible for ensuring that the company's digital assets are protected from unauthorized access. This includes securing both online and on-premise infrastructures, weeding through metrics and data to filter out suspicious activity, and finding and mitigating risks before breaches occur. If a breach does occur, you will help lead the efforts to counter the attack.
What would my main responsibilities be?
• Monitor security event logs and alerts from various sources, including network devices, servers, and security tools.
• Review and analyse security incidents, identifying potential threats, vulnerabilities, and suspicious activities.
• Investigate and respond to security incidents, including conducting root cause analysis and implementing appropriate corrective and preventive actions.
• Collaborate with cross-functional teams to develop and implement incident response plans and procedures.
• Maintain and update security incident response documentation, including playbooks, standard operating procedures, and knowledge base articles.
• Conduct vulnerability assessments and penetration tests, working in collaboration with third parties, to identify potential security risks and recommend appropriate remediation measures.
• Bachelor's degree in Computer Science, Information Security, or a related field. Relevant certifications (e.g., CISSP, CompTIA Security+, CEH) are highly desirable.
• Proven experience as a SOC Security Analyst or similar role, with a focus on monitoring, reviewing, and remediating logs and incidents.
• Strong understanding of Azure and Cloud 365 services, including configuration, monitoring, and security best practices.
• Proficiency in working with Pulse VPN, Ubiquiti Router Firewalls, and Datto RMM.
• In-depth knowledge of network protocols, security technologies, and tools, such as SIEM, IDS/IPS, antivirus, firewalls, and vulnerability scanners.
• Familiarity with security frameworks and standards (e.g., NIST, ISO 27001).