Our client, a global FinTech with operations in Africa, is looking to appoint an experienced Security Operation Centre (SOC) Analyst to join their team.
Job Type: Remote | Full-time
Requirements
- Bachelor's degree in Computer Science, Information Technology or a related discipline
- AWS certification preferred
- CISSP or other industry recognized cyber security certification preferred
- 5+ years of experience in AWS cloud infrastructure with a focus on cyber security
- In-depth knowledge of security concepts such as cyber-attacks and techniques, threat vectors, risk management, incident management, etc.
- 3+ years of SOC/IR experience, including incident response triage, threat hunting, digital forensics, and configuring alerting rules
- Utilize and incorporate the MITRE ATT&CK framework and the Cyber Kill Chain
- Working knowledge of security technologies such as SIEM, EDR, FW, AD, IPS, SOAR, WAF, CTI, application and email defense, and sandboxing
- Ability to perform deep dive investigations from start to finish of a security incident
- Fluency in spoken and written English
- Demonstrate a self-starter mentality, collaboration skills, sense of urgency, strong attention to detail, and ability to operate in a customer-oriented environment
Responsibilities
- Perform real-time alert monitoring across our cloud infrastructure and business systems; swiftly triage and respond to threats
- Initiate and track complex, multithreaded investigations to resolution
- Timely support for all Identity and Access Management requests
- Stay up to date with and report on information security issues and emerging trends
- Integrate and share information effectively with other analysts and teams
- Creation of reports, dashboards, KPIs, metrics for SOC operations
- Assist security operations and engineering team where needed
- Develop documentation and operational playbooks, as well as suggest alert enhancements to improve detection capability
- Identify gaps in processes and procedures, define solutions, escalate to the appropriate teams, and support implementation to promote consistency in service delivery
- Develop and integrate monitoring and detective capabilities through technologies such as DLP, MDM, etc.
- Develop SIEM use cases for monitoring, investigative techniques, and health checks to optimize and assure logging of all required systems
- Monitor the functioning of security systems to ensure the system operates in conformance with expected performance and specifications
- Evaluate SOC operating procedures for operational efficiencies and updates to monitoring rules and use cases
- Develop ways to optimize or automate processes
- Create and modify security SIEM dashboards to clearly identify scope of findings, or monitor activity
- Provide expert analysis and investigative support for large-scale and complex security incidents, and in many cases identify incidents for which a technical detection may not be available
We are looking forward to hearing from you!
----
Blackpen Recruitment is a global recruitment agency that targets European, African and American Markets with headquarters based in Malta and Cape Town. Blackpen specialises in FinTech, Cryptocurrency, Startup and iGaming Recruitment.