Job Description :
Role Summary / Purpose :
The Threat Detection Analyst (Level 1) participates in daily shift monitoring and is directly responsible for responding to security alerts.
The analyst provides a technical escalation point during security alert triage, establishing extent of threat, business impacts and then advising and performing the most suitable course of action to contain and remedy the escalation.
The analyst makes the determination if the escalated security alert should be declared an incident. The analyst maintains a good knowledge of the threat landscape, helps enhance current techniques and provides support in the identification of new methods of detecting threats.
They will perform detailed analysis of security alerts, using analytical skills and advanced knowledge of IT security and network threats.
Essential Responsibilities :
Responsible for taking action on events, alerts, and incidents.
Triage malware alerts, assessing their priority and the need for escalation.
Monitor for emerging threat patterns and vulnerabilities.
Troubleshoot basic script errors and security tool misconfigurations.
Coordinate with information technology stakeholders.
Communicate incident updates to management.
Able to run down an event or alert from start to finish without higher level supervision.
Qualifications / Requirements :
Bachelor's degree in any discipline
Minimum 4+ years' experience in IT / SOC operations
Ability to work in rotating shifts and also be on-call outside of shift hours on a regular and recurring basis.
Possess personal and professional integrity. Individuals will be required to submit to a background examination.
Good oral and written communication skills.
Ability to take initiative and ownership of incidents from reporting to resolution.
Ability to understand business impact.
Previous experience leading teams and providing guidance to fellow employees, fostering a culture of continuous process improvement.
For Internal Applicants : Understand the criteria or mandatory skills required for the role, before applying.
Inform your Manager or HRM before applying for any role on Workday.
Ensure that your Professional Profile is updated (fields such as Education, Prior experience, Other skills); it is mandatory to upload your updated resume (Word or PDF format).
Must not be on any corrective action plan (First Formal / Final Formal, PIP).
Only employees who have completed 18 months in the organization and 12 months in their current role and level are eligible.
Level 6+ employees can apply
Desired Characteristics :
Experienced in performing basic- and medium-level forensic analysis on Microsoft Windows and Unix systems.
Identify and evaluate malware related compromise artefacts.
Possess comprehensive understanding of and substantive experience in the areas of network systems engineering, computing systems and software applications.
Demonstrated prior experience with network analysis tools and scripting languages, and familiarity with software vulnerabilities, exploits and malware.
Experience of working in a high volume and result-oriented operational environment.
Ability to mitigate command and control attempts by recommending defensive technology configurations.
Desired Certifications : SANS GIAC Certified Incident Handler (GCIH), SANS GIAC Certified Intrusion Analyst (GCIA), EC-Council Certified Ethical Hacker (CEH)
Job Family Group :