Security Analyst

Join to apply for the Security Analyst role at Dicetek LLC

• Monitor and analyse the organization's networks and systems on a daily basis to detect, identify, investigate, and mitigate potential threats.
• Identify anomalous behavior, recognize patterns of malicious activity, and take appropriate corrective action.
• Follow detailed operational process and procedures to appropriately analyse, escale, and assist in remediation of critical information security incidents.
• Correlate and analyse events using the Splunk/Log Rhythm SIEM tool to detect IT security incidents.
• Conduct analysis of log files, including forensic analysis of system resource access.
• Monitor multiple security technologies, such as SIEM, IDS/IPS, EDR, firewalls, switches, VPNs, and other security threat data sources.
• Respond to inbound requests via phone and other electronic means for technical assistance with managed services.
• Respond in a timely manner (within documented SLA) to support, threat, and other cases.
• Document actions in cases to effectively communicate information internally and to customers.
• Resolve problems independently and understand escalation procedure.
• Maintain a high degree of awareness of the current threat landscape.
• Perform other essential duties as assigned.
• Able to work in rotating shifts within a 24/7 operating environment.

• 3‑5 years of experience in Security Operations, incident response, monitoring, threat hunting, etc.
• A degree in Computer Science, Information Systems or equivalent.
• CCNA, CompTIA CySA+, CISSP, GCA, GCIA, GCIH, CEH, SIEM‑specific certifications would be preferable.
• An active interest in internet security, incident detection, network and systems security.
• A sound knowledge of IT security best practices, common attack types and detection/prevention methods.
• Demonstrable experience of analysing and interpreting system, security, and application logs.
• Knowledge of the types of events produced by firewalls, IDS/IPS, and other security related devices.
• Experience in using SIEM tools such as Splunk & Log Rhythm.
• TCP/IP knowledge, networking, and security product experience.
• Knowledge of the Cyber Kill Chain and MITRE ATT&CK frameworks.
• Knowledge of possible attack activities such as scans, man‑in‑the‑middle, sniffing, DoS, DDoS, etc., and possible abnormal activities such as worms, Trojans, viruses, etc.
• Ability to analyse data such as logs or packet captures from various sources within the enterprise and draw conclusions regarding past and future security incidents.
• Strong analytical and problem‑solving skills.
• Very good communication skills.
• Strong interpersonal skills with the ability to collaborate well with others.

Seniority level: Not Applicable

Employment type: Contract

Job function: Information Technology

Industries: IT Services and IT Consulting