Junior Cybersecurity Operations Analyst

The Junior Cybersecurity Operations Analyst supports the daily cybersecurity operations of the organization and contributes to protecting networks, systems, endpoints, and cloud environments against cyber threats.

This role focuses on monitoring security events, supporting incident response activities, assisting with vulnerability management, and collaborating with internal teams as well as external Security Operations Service providers. It is designed for professionals with 2 to 3 years of practical experience in cybersecurity or IT security who are looking to further develop their expertise in operational security and managed security services. 

Key Responsibilities

Threat Monitoring and Detection

• Support continuous monitoring of networks, systems, cloud services, and applications to identify suspicious activity and potential threats
• Assist in operating and maintaining Security Information and Event Management (SIEM) platforms
• Review alerts, investigate anomalies, and escalate relevant findings where appropriate
• Contribute to improving detection rules and monitoring coverage

Incident Response and Security Event Handling

• Support cybersecurity incident response activities following established procedures and playbooks
• Assist in the investigation, containment, and documentation of security incidents
• Coordinate with internal IT teams and external service providers during incident handling
• Participate in post incident reviews and contribute to lessons learned documentation

Vulnerability Management

• Assist with vulnerability scanning and review findings across infrastructure, endpoints, cloud, and applications
• Support prioritization and tracking of remediation activities with technical teams
• Follow up on patching status and mitigation measures

Threat Intelligence and Security Controls

• Monitor relevant threat intelligence sources and report relevant findings to the security team
• Support implementation and maintenance of preventive security controls such as endpoint protection, firewall policies, and cloud security measures
• Contribute to identifying emerging threats relevant to the organization

Security Compliance and Log Analysis

• Support log collection, review, and analysis from critical systems and services
• Assist in identifying suspicious patterns through monitoring tools
• Help prepare reports and documentation for audits and compliance activities
• Support enforcement of internal security policies and technical baselines

Vendor and Security Service Support

• Work with external Security Operations Service providers under guidance of senior team members
• Review operational reports and escalations from third party providers
• Support follow up on service quality and operational improvements
• Contribute to maintaining effective collaboration with outsourced security partners

Security Awareness Support

• Contribute to internal cybersecurity awareness initiatives
• Support preparation of security communications and training materials
• Help promote secure behavior across teams

Required Skills and Experience

• 2 to 3 years of experience in cybersecurity operations, IT security, or SOC related environments
• Basic hands-on experience with SIEM tools and security monitoring workflows
• Good understanding of endpoint security, network security, and cloud security fundamentals
• Familiarity with vulnerability scanning and remediation processes
• Ability to analyse security alerts and document findings clearly
• Structured working style, analytical thinking, and willingness to learn

Preferred Qualifications

• First cybersecurity certifications such as Security+, CEH, SC 200, or equivalent
• Exposure to managed security services or outsourced SOC environments
• Basic understanding of incident response frameworks and threat intelligence concepts
• Familiarity with MITRE ATT&CK is considered an advantage

Key Success Metrics

• Timely handling and escalation of security alerts
• Accurate incident documentation and follow up
• Effective support of vulnerability remediation activities
• Reliable collaboration with internal teams and external providers
• Contribution to continuous improvement of monitoring quality and operational maturity