Summary of Role
Security Analyst is responsible for security monitoring and responding to alerts and events. The incumbent will be creating, tuning, compiling metrics of all security devices, along with documentation of processes and procedures. This role will require strong analytical and collaboration skills, detailed working knowledge of current and emerging security technologies, as well as the ability to correlate events to identify abnormal behaviour.
Responsibilities
- Monitor and advice on information security issues related to the systems and workflow to ensure the internal security controls are appropriate and operating as intended.
- Coordinate response to information security incidents.
- Develop and publish information security policies, procedures, standards and guidelines based on knowledge of best practices and compliance requirements.
- Assist with data classification assessment and security audits and remediation plans.
- Collaborate with IT management to manage security vulnerabilities.
- Perform network penetration tests, vulnerability assessment scans and risk assessment reviews.
- Develop, coordinate and review server hardening for platforms used within the environment.
- Review of logs pertaining to security of various platforms, namely server events and logs, network logs.
- Create, conduct and maintain user security awareness.
- Conduct security research in keeping abreast of latest security policies.
- Perform other security related duties as assigned.
Requirements
- Degree in Computer Science/Information Technology or equivalent
- At least 3 years’ experience in IT
- Basic technical knowledge in IT network infrastructure, server platforms (Unix, Windows platform) and desktops (OS X and Windows XP and above)
- Experience in using security tools (Security Endpoint solutions, HP ArcSight, QRadar, Rapid7 Nexpose, Tenable Nessus)
- Certified with one or more of the following: QISP, CISSP, Cybersecurity Nexus, CompTIA Security+