Cybersecurity Analyst

Position: Cybersecurity Analyst

Department: ICT

Reports to: ICT Director

Role Purpose

The Cybersecurity Analyst is responsible for protecting the organization from cyber threats and activities. This involves administering and analysing security toolsets, coordinating cyber responses, and managing various information security risks and compliance activities.

Key Responsibilities

Threat Detection and Mitigation

• Identify, detect, and mitigate threats using various security platforms.
• Actively monitor security systems for signs of security breaches.

Incident Handling and Response

• Handle and respond to security incidents with adequate recovery plans.
• Ensure incidents are reported to key stakeholders promptly.

Security Platform Administration

• Administer and manage security platforms such as Network Detection and Response systems.
• Generate reports on security incidents and activities.

Collaboration with ICT Teams

• Liaise with ICT teams to address potential security issues.
• Work closely with the ICT Director: GRC & Information Security to raise concerns and suggest improvements.

Risk, Data Privacy, and Compliance Coordination

• Coordinate activities related to risk management, data privacy, and compliance within the organization.
• Ensure adherence to security policies and data privacy laws.

Essential Minimum Requirements

• 3 years of experience in cybersecurity and security operations center
• Certifications: Certified Ethical Hacker (CEH), Security+, Certified Information Systems Security Professional (CISSP), Certified SOC Analyst (CSA)

Desired Experience

5 years of experience in cybersecurity and security operations center

Desired Education & Skills

• Bachelor's degree in computer science or IT
• Proficiency in programming languages such as JavaScript, C++, and Python

Competencies

Knowledge in Security Systems: Advanced knowledge in firewalls, intrusion detection/prevention systems, antivirus and content filtering, URL filtering, authentication solutions, switches, routers, VoIP, and DMZ

Incident Handling: Ability to recognize and handle successful intrusions and compromises

Ethical Hacking: Demonstrate skills in ethical hacking and penetration testing

Vulnerability Assessment: Conduct periodic vulnerability assessments and configuration reviews

Forensic Analysis: Use forensic tools to extract and analyse data

Communication and Collaboration

• Build and maintain productive relationships with internal and external stakeholders
• Communicate effectively through clear and structured written information
• Collaborate with relevant stakeholders to ensure security and risk requirements are met

Performance and Client Focus

• Take responsibility for achieving objectives and deliver high-quality services
• Maintain a focus on client needs, ensuring their expectations are met and service commitments are delivered
• Continuously improve the quality of team/departmental performance processes and systems