Job Description

The Security Operations Analyst will be a key member of the security operations team, responsible for managing the full lifecycle of security incidents - from detection and triage to investigation, response, and resolution. This hands-on role requires strong technical skills, analytical thinking, and collaboration with internal IT and business stakeholders. Over time, the analyst will also contribute to initiatives across vulnerability management, data loss prevention (DLP), cloud security, and remediation of security audit findings.
Key Responsibilities:

• Monitor alerts and logs from security tools (e.g., SIEM, EDR, firewall, DLP) to identify potential threats and anomalous behaviour
• Triage and investigate security incidents, determine severity and impact, and initiate containment and remediation actions.
• Escalate incidents in accordance with defined processes and coordinate with internal teams during incident response.
• Document incidents in detail, contribute to root cause analysis, and identify opportunities for process improvement.
• Support threat hunting activities and continuous tuning of detection rules and alerts
• Security project support (when not working on incidents)
• Providing technical support for ongoing security initiatives
• Building capability with existing security tools to achieve transformation goals

Required Skills and Experience:

• 2-5 years of experience in a cybersecurity, SOC, or IT security operations role.
• Familiarity with incident response processes and tooling (e.g., SIEM, SOAR, EDR, log analysis).
• Working knowledge of cybersecurity fundamentals and attack lifecycle (e.g., MITRE ATT&CK, NIST).
• Experience using or monitoring DLP, vulnerability scanning, or cloud

Preferred Qualifications:

• Certifications such as CompTIA Security+, GIAC (GCIA, GCIH), or SSCP.
• Experience with tools such as Rapid 7 or Cortex
• Understanding of cloud security principles and configurations (AWS, OCI, GCP).
• Exposure to compliance frameworks (e.g., ISO 27001, CIS, NIST 800-53, PCI DSS).

Please note this role will initially require 5 days a week on site for the initial 5-6 weeks. This will then reduce down to 3 days a week on site.
Due to the high volume of applications we receive, we may not be able to respond to all applications. Should you not hear from us in 48 hours then your application has not been successful.

Skills Required