Security Analyst

Summary

Join Workleap as a Security Operations Analyst to play a key role in monitoring, identifying, analyzing, and remediating security vulnerabilities within the company's systems and infrastructure.

Requirements

• 3+ years of experience in various cyber security functions (Infrastructure Security, Vulnerability and Patch Management, Network Security, Incident Management, Cloud Security, Data Security, Threat Intelligence)
• Hands-on experience in security operations center (SOC) and incident response
• Comprehensive understanding of enterprise security architecture and tools
• Extensive experience with SIEM, EDR, IDS/IPS, Active Directory, VM and other related solutions
• Industry-related security certification is preferred (CEH, Security+, CISM, CISSP)
• Comfortable with Microsoft Cloud environments (Azure)
• Knowledge of enterprise IT security concerns and technologies, including but not limited to VPNs, network security, encryption, authentication, application-level network protocols, PKI, IPSec, Firewall, SSH, SSL, LAN/WAN, and TCP/IP
• Scripting knowledge in Python and PowerShell
• Good understanding of current security standards for Cloud products (SaaS)
• Knowledge of the MITRE ATT&CK framework (asset)
• Good knowledge of Fortinet products (asset)

Responsibilities

• Take direct responsibility for protecting the organization's digital assets, through hands-on management of both cloud and on-prem security infrastructures
• Continuously monitor security events and alerts from various sources within the enterprise's environment, including network traffic, firewall logs, and intrusion detection systems
• Analyze these events to identify any signs of unauthorized access, insider threats, or other malicious activities
• Serve as a key player in the initial response to any detected security incidents. Follow established procedures for incident escalation and resolution
• Document and manage incidents from initial detection through final resolution, including steps taken for mitigation and recommendations for preventing future occurrences
• Stay informed about the latest cybersecurity threats and vulnerabilities. Analyze threat intelligence reports and feeds to understand how emerging threats might impact the organization
• Use this information to help refine security monitoring strategies and improve defenses
• Participate in vulnerability management and penetration testing activities to identify weaknesses within the organization’s systems and applications
• Work with IT and development teams to prioritize and remediate identified vulnerabilities according to the risk they pose
• Manage and configure security monitoring tools and technologies, such as SIEM (Security Information and Event Management) systems, antivirus software, and intrusion detection/prevention systems
• Ensure these tools are optimized to detect and respond to threats effectively
• Creates documentation and planning for all security-related information, including secure procedures, security guides, cybersecurity incident response and helping teams draft their disaster recovery plans
• Be a trusted security advisor who will make the necessary recommendations with regard to cyber risks
• Independently implement measures and processes that support existing security policies and strategies
• Operate and improve our SOC to reduce blind spots and better protect the company
• Participate in the Security team’s strategic planning to ensure priority projects are in line with Workleap’s needs