As a Security Analyst, you will play a crucial role in our mission to secure our clients' digital environments. Your responsibilities will include:
1. SIEM Expertise: Extensive experience with Security Information and Event Management (SIEM) tools, with a particular focus on Elastic Stack and Wazuh. You will be responsible for configuring, managing, and optimising these SIEM solutions to detect and respond to security incidents effectively.
2. System Administration: Serve as a system administrator to install, configure, maintain and secure various operating systems, including Windows, MacOS, and Linux. You would also manage servers, set up accounts and permissions, and ensure system health and security. Experience with virtualization technologies (e.g., VMware, Hyper-V) to manage virtual machines efficiently will be necessary. Your expertise will be vital in ensuring the stability and security of our clients' infrastructure.
3. Scripting and Programming: Proficiency in scripting and programming languages such as BASH, PowerShell, Python, and C++ is essential. You will use these skills to automate tasks, create custom security tools, and analyse and develop solutions for complex security challenges.
4. Systems Architecture and Networking: Possess a strong background in systems architecture and networking to design and implement secure network infrastructures. This includes configuring firewalls, VPNs, and intrusion detection/prevention systems (IDS/IPS). You would also need to understand network protocols, IP addressing, subnetting, and routing, and be able to configure and troubleshoot network devices.
5. Security Incident Response: Be prepared to investigate and respond to security incidents, conduct forensic analysis, and develop incident response plans to mitigate future threats.
Qualifications:
To be successful in this role, the ideal candidate should have the following qualifications:
- Bachelor's or Master's degree in Computer Science, Information Technology, or a related field. Relevant certifications (e.g., CISSP, CEH, CompTIA Security+) are a plus.
- Proven experience (2 years) working with SIEM tools such as Splunk, Elastic Stack, and Wazuh is a plus.
- Proficiency in system administration for various operating systems, including Windows, MacOS, and Linux.
- Strong coding skills in BASH, PowerShell, Python, and C++, with the ability to develop and modify scripts and tools for security-related tasks.
- In-depth knowledge of systems architecture and networking, including firewalls, routers, switches, and VPNs.
- Excellent problem-solving and critical-thinking skills, with the ability to analyse complex security issues and develop effective solutions.
- Strong communication skills and the ability to work collaboratively within a team and communicate complex technical concepts to non-technical stakeholders.
- A passion for staying updated with the latest cybersecurity trends, threats, and best practices.