Overview:
The Security Operations Analyst plays a crucial role in the daily operations of the Security Operations team, focusing on monitoring the organization's digital assets, managing security tools, and assisting in incident response activities.
Key Responsibilities:
- Reports to the Director of Security Operations
- Monitor security infrastructure for signs of compromise or anomalies and conduct thorough analysis of potential threats.
- Operate and manage a variety of cybersecurity tools, including WAF, IAM, RBAC, Zscaler, CrowdStrike, Delinea, JAMF, and Intune, ensuring their optimal performance and integration into the IT landscape.
- Perform vulnerability assessments and engage in proactive threat hunting to identify and mitigate risks.
- Assist in the development and refinement of security operations procedures, contributing to the continuous improvement of the security posture.
- Participate in incident response efforts, from detection through to remediation, documenting actions and lessons learned.
- Collaborate with IT and other departments to ensure comprehensive security measures are implemented across the organization.
- Stay updated with the latest cybersecurity trends, threats, and technology to recommend improvements to security policies and practices.
- Support the deployment and maintenance of security systems, including endpoint protection solutions and cloud security tools.
- Conduct regular security audits and assessments to ensure compliance with internal policies and regulatory requirements.
- Develop and deliver security awareness training to employees, promoting best practices for data protection and cyber hygiene.
- Participate in the on-call rotation as necessary.
Qualifications:
- Bachelor’s degree in Information Technology, Cybersecurity, or a related field, or equivalent practical experience.
- 3+ years of experience in a security operations or similar role.
- Familiarity with security tools and technologies such as WAF, IAM, RBAC, Zscaler, CrowdStrike, Delinea, JAMF, Intune, Azure, and others.
- Strong understanding of cybersecurity frameworks and standards (e.g., NIST, ISO 27001).
- Proficiency in conducting vulnerability assessments and threat hunting.
- Strong analytical skills and attention to detail with the ability to conduct thorough investigations.
- Effective communication and teamwork skills, with the ability to collaborate across departments and present findings to senior management.
- Experience with cloud platforms and services (e.g., AWS, Azure, GCP) is highly desirable.
- Knowledge of endpoint protection solutions and experience in managing security for a diverse set of devices and platforms.
- Certification in cybersecurity (e.g., Security+, CEH, or others) is a plus.
- Ability to work independently and manage multiple tasks and projects simultaneously.
- Strong problem-solving skills and the ability to adapt to new challenges and technologies quickly.