• The Senior Managed Services Information Security Analyst is an advanced subject matter expert, responsible for monitoring, analyzing, interpreting and reporting on the incoming client data for the purpose of delivering security information and recommendations to the clients, enabling the organization to deliver the contracted security services.
• This role includes performing tasks such as security incident detection and response, security event reporting, threat hunting, content maintenance (tuning) and interacting with clients to ensure their understanding of the information generated, recommending client system changes as well as answering security related queries from the clients.

What you’ll be doing

Key Responsibilities:

• Works as part of a global Cyber Defense Centre (CDC) team that works 24/7 on rotational shifts.
• Works with client stakeholders and relevant internal teams to tune the MSSP platform and client SIEM to enable more efficient detection, analysis and reporting.
• Monitors security tools to review and analyze security logs from client environments.
• Generates continuous improvement ideas for supported security tools/technologies, to enable improvements to the company services, employee experience and client experience.
• Adheres to SOPs, customer Run Books and standard processes to ensure a globally consistent delivery whilst also proposing changes and improvements to these standards.
• Utilizes and documents best practices and amend existing documentation as required.
• Identifies opportunities to make automations which will help the clients and security delivery teams.
• Performs security incident handling and response from several vectors including End Point Protection and Enterprise Detection and response tools, attack analysis, malware analysis, network forensics, computer forensics.,
• Utilizes a broad range of skills in LAN technologies, Windows and Linux O/S’s, and general security infrastructure.
• Ensures usage of knowledge articles in incident diagnosis and resolution and assists with updating as and when required.
• Undertakes threat hunting activities across both individual client estates, as well as cross client hunting.
• Works closely with client delivery teams to support their activities related to client delivery.
• Cooperates closely with colleagues to share knowledge and build a cohesive and effective team environment, benefiting the individual, the business and the client.
• Supports major incident management processes, and escalations into the team.
• Performs any other related task as required.

Knowledge and Attributes:

• Advanced knowledge on implementation and monitoring of a company supported SIEM or security tools/technologies/concepts.
• Advanced knowledge on security architecture, worked across different security technologies.
• Advanced knowledge and understanding of the operation of modern computer systems and networks and how they can be compromised.
• Displays excellent customer service orientation and pro-active thinking.
• Displays problem solving abilities and is highly driven and self-organized.
• Excellent attention to detail.
• Excellent analytical and logical thinking.
• Excellent spoken and written communication abilities.
• Team player with the ability to work well with others and in group with colleagues and stakeholders.
• Ability to remain calm in pressurized situations.
• Ability to keep current on emerging trends and new technologies in area of specialization.

Academic Qualifications and Certifications:

• Bachelor’s degree or relevant qualification in Information Technology or Computing or a related field.
• Security certifications such as (but not limited to) AZ-500, SC-200, Security+, CEH, CISSP, CISM or similar Certification in different networking technologies such as CCNA, JNCIA, ACCA, PCNSA, CCSA is advantageous.

Required Experience:

• Advanced experience in SOC Analysis Operations.
• Advanced experience in SIEM usage for investigations.
• Advanced experience in Security technologies such as (but not limited to) Firewall, IPS, IDS, Proxy.
• Advanced experience in dealing with technical support to clients.
• Advanced experience in handling security incidents end to end.
• Advanced experience in configuring/managing security controls, such as SIEM, Firewall, IDS/IPS, EDR, NDR, UTM, Proxy, SOAR, Honeypots and other security tools.
• Advanced experience in Security Analysis or Engineering preferably gained within a global services organization.