IT Security Analyst (For Pooling)

This role is part of the Security Operations team and requires strong understanding of threat hunting, incident response, and security monitoring. The analyst will collaborate with cross-functional IT teams to perform log analysis, monitor security dashboards, investigate incidents, and support vulnerability management and compliance activities.

• Continuously monitor security dashboards, SIEM alerts, and other security monitoring tools to identify potential threats and anomalies
• Participate in security incident response activities, including triage, investigation, containment, and escalation
• Perform initial analysis and first-level response for security incidents and service/security-related queries
• Conduct log analysis and correlate security events to identify Indicators of Compromise (IOCs) and suspicious activity
• Proactively support threat hunting activities across the environment to identify hidden or emerging threats
• Coordinate with IT infrastructure, application, and network teams to triage alerts and support incident resolution
• Work with external vendors to raise support cases, track progress, and follow up on issue resolution
• Perform regular vulnerability assessments on endpoints and systems, and coordinate remediation efforts with IT support teams
• Assist in maintaining and improving the organization’s overall security posture through continuous monitoring and feedback
• Support audit and compliance requirements by providing evidence, reports, and operational security support as needed
• Review and manage security-related eService tickets on a daily basis to ensure proper logging, categorization, prioritization, and SLA adherence
• Ensure timely assignment, tracking, and closure of security tickets within the eService system in coordination with relevant stakeholders
• Validate completeness and accuracy of eService ticket documentation, including investigation notes, evidence, and resolution details
• Monitor recurring security incidents and eService ticket trends to identify root causes and improvement opportunities
Ensure proper escalation of security tickets that breach SLAs or require higher-level technical or managerial attention
• Monitor the health, availability, and operational status of security tools including SIEM, EDR, Email Security, and log collection platforms, and report any service degradation or failures to relevant support teams
• Validate and enrich Indicators of Compromise (IOCs) against internal logs, SIEM alerts, and external threat intelligence sources to improve detection accuracy
• Perform initial malware triage and assist in collecting relevant forensic artifacts (e.g., file hashes, process details, endpoint logs) to support incident investigation activities
• Assist in testing and validation of newly onboarded log sources, SIEM integrations, and security detection use cases to ensure proper event ingestion and alerting
• Support vulnerability scanning activities and assist in tracking remediation progress and closure status in coordination with IT infrastructure and system owners.

Non-Negotiable:
• Continuous Security Monitoring, Triage & First Response (Core SOC Function)
• Incident Support & Escalation Coordination
• Ticketing, Documentation & Operational Discipline
• Experience with SIEM, EDR, IDS, IPS
• Vulnerability Assessments coordination

Additional Skills
• Strong understanding of SOC operations, incident response, and threat hunting
• Experience with SIEM tools
• Knowledge of log analysis, event correlation, and IOC identification
• Familiarity with endpoint security (EDR/XDR) tools
• Understanding of MITRE ATT&CK framework and common attack techniques
• Basic knowledge of Windows, Linux, and networking concepts (TCP/IP, DNS, HTTP/S)
• Ability to analyze security alerts and distinguish false positives
• Strong analytical and troubleshooting skills
• Good communication and documentation skills
• Ability to coordinate with IT teams and vendors during incidents
• Understanding of vulnerability management and remediation process