Senior IT Security Analyst

Responsibilities

Incident Response Leadership

• Oversee the entire incident response lifecycle from detection to resolution.

• ead investigations of IT security incidents and ensure thorough root cause analysis and remediation.

• Develop and maintain incident response playbooks and procedures.

• Coordinate with internal, external stakeholders, and vendors during incidents.

• Conduct post-incident reviews and report findings to management.

Monitoring and Detection

• Develop and implement advanced threat detection and monitoring strategies.

• Utilize SIEM, EDR, and other security tools for timely incident detection.

• Perform threat hunting and proactive security assessments.

• Collaborate with IT teams to deploy and optimize security solutions.

Threat Statistics and Reporting

• Analyze and compile statistics on threats relevant to the Institute.

• Prepare and present detailed reports on threat statistics to stakeholders.

• Use data visualization tools to communicate threat trends and insights.

Requirements

Educational Background

• A University Degree in Information Systems, Computer Science, Cybersecurity, or a related field.

• Professional Certification(s) in incident handling and security analysis preferred.

• GCIH or its equivalent is preferred.

Professional Experience

• Minimum of 8 years of progressive experience in IT security, with a focus on Incident response.

• Minimum of 4 years of experience in a security operations center, with proven leadership capabilities.

• Intermediate knowledge of security operations, incident analysis, incident handling, and vulnerability management or testing, system patching, log analysis, intrusion detection, or firewall administration.

• Proven experience in managing incident response and performing threat hunting.

Technical Expertise

• Proficiency in Security Information and Event Management (SIEM), Endpoint Detection and Response (EDR), traffic and packet analysis, and cloud security.

• Experience in firewall, Intrusion Prevention Systems (IPS), Web Application Firewalls (WAF) administration, virtualization, and cloud technologies.

• Experience in monitoring and administering host-based intrusion detection systems.

• Knowledge and experience in Linux/Windows/Database technologies preferred.

• Strong knowledge of industry standards and information security policy frameworks.

• Hands-on experience with scripting and automation tools to enhance security operations.

• Ability to conduct gap analysis of current processes and identify opportunities for improvement.

• Evaluate internal and external environments for threats related to Information Security and act as a subject matter expert to ensure these are properly addressed and controlled.

• Continuously improve event correlation and alerting processes and use cases to detect potential incidents.

• Automate manual processes to enhance security incident response.

• Experience with network security assessment tools.

Leadership and Communication

• Excellent leadership and team management skills, with the ability to inspire and motivate a team.

• Strong communication skills, with the ability to effectively interact with stakeholders at all levels, including University administration.

• Demonstrated ability to drive strategic initiatives and lead a team through change.

• Exceptional problem-solving skills and the ability to think critically under pressure.

• Ability to interview stakeholders to define and document business requirements.

• Provide advice and guidance on response action plans for information risk events and incidents based on incident type and severity.

Licence no: 12C6060