Analyst: Information Security at Cellulant

JOB SUMMARY: 

As an information security / SOC Analyst, you will be responsible for real-time monitoring of the organization’s information assets with an objective to promptly identify and thwart likely or/and ongoing cybersecurity incidents or attacks. You will collaborate with other stakeholders to ensure that preventive and detective controls targeted at minimizing the likelihood of a successful breach on the organization’s infrastructure are put in place.

Key Relationships: This role will work under the Information Security Team and work closely with the Platform Engineering Team, Service Management Team, Software Engineering Team, and other relevant stakeholders.

CORE RESPONSIBILITIES:

• Monitors and analyzes network traffic leveraging security tools implemented within the organization.
• Carries out Vulnerability Assessment on the infrastructure.
• Engages with stakeholders on the resolution of security incidents.
• Identifies indicators of compromises-IoCs and indicators of attacks-IoAs on the network
• Analyses IoCs and IoAs and coordinates closure of identified risks as the need arises.
• Recommends controls to address identified weaknesses on the network.
• Support the organization's security certification program by ensuring that Security Monitoring Requirements relevant to each standard are met
• Identifies all relevant log sources and ensures collection of logs from the relevant log sources.
• Specifies security requirements for the provisioning of new assets on the network.
• Carries out security reviews on information assets such as Databases and Firewalls
• Provides support for the optimization of security configurations on assets such as WAFs, Network Firewalls, Emails, etc.
• Manages security configuration setups and optimization on security tools such EDRs, SIEM, SAST, and DAST tools, etc.

EXPERIENCE REQUIRED:

Must-Have Experience;

• Have a sound understanding of the workings of the following Operating Systems: Windows, macOS, and Linux (multiple flavors of Linux).
• Have a sound understanding of network architectures and communication protocols.
• Efficient in the use of security tools such as SIEM – previous experience with Splunk preferred.
• Be an efficient communicator with the capability to communicate complex technical situations in simpler forms to different stakeholders.
• Good understanding of Cloud Infrastructure and workings of a hybrid environment.
• Good analytical skills and reporting skills.
• Sound problem-solving and critical thinking skills.
• Over 3 years experience as a SOC Analyst, preferably with experience within the financial sector
• Have a sound understanding of threats and vulnerability management.
• Have a sound understanding of Risk and Incident Management.
• Have a good understanding of basic network communications within an IT Infrastructure. 
• Experience with Cloud Infrastructure security and security of a hybrid infrastructure.

Experience that will count in your favor;

• Sound understanding of DevSecOps.
• Competency in Scripting.
• Digital Certificate (SSL) Deployment & Management
• Access Management using FreeIPA

Nice To Have Experience;

• Application Security Testing
• Knowledge in Security Standard Implementation such as ISO 27001, 27701, and PCI-DSS

QUALIFICATIONS, SKILLS & PERSONAL ATTRIBUTES:

• A degree in computer science or computer engineering or other relevant courses.
• Relevant certifications: CompTIA Security +, CompTIA CySA+, EC-Council Certified SOC Analysts, and EC-Council CEH.
• Incident Identification, Triage and Response, Threat Hunting, Security Review/Audit, Vulnerability Management, Reporting, and Security Tools Administration.
• Inquisitive, curious, with a knack for learning, open-minded, sound communicator, good collaborative skills.