3rd Shift Cyber Security Operations Analyst

The 3rd Shift Cyber Security Operations Analyst monitors and protects the organization?s systems, networks, and data during overnight hours. This role involves real-time threat detection, incident response, and maintaining the overall security posture of the organization. The analyst works as part of a Security Operations Center (SOC) team and plays a critical role in identifying and mitigating security risks during non-business hours. Key Responsibilities: Threat Monitoring and Detection: ? Continuously monitor security tools, such as SIEM systems, intrusion detection/prevention systems (IDPS), firewalls, and endpoint protection platforms, to detect potential security threats or anomalies. ? Analyze and investigate security alerts, identifying true threats versus false positives. ? Conduct proactive threat hunting to identify vulnerabilities or malicious activities. ? Monitor and analyze network traffic, system logs, and user activity to ensure compliance with security policies. Incident Response and Management: ? Respond to security incidents, including malware infections, phishing attempts, unauthorized access, and other potential breaches. ? Execute containment, eradication, and recovery procedures to minimize the impact of incidents. ? Collaborate with senior analysts or SOC managers to escalate complex or high-risk incidents. ? Document all incidents in detailed reports, including root cause analysis and lessons learned. System Maintenance and Updates: ? Perform regular updates and maintenance on security tools and platforms to ensure they function effectively. ? Assist in applying patches and updates to address known vulnerabilities. ? Support the integration of new security technologies or tools into the existing infrastructure. Collaboration and Communication: ? Communicate effectively with team members and stakeholders to provide updates on incidents and overnight activities. ? Participate in shift handovers to ensure continuity of security operations across shifts. ? Assist in the development of documentation, playbooks, and standard operating procedures (SOPs) for SOC operations. Compliance and Reporting: ? Ensure security operations align with organizational policies, regulatory requirements, and industry standards (e.g., ISO 27001, NIST, GDPR). ? Prepare and submit daily reports summarizing overnight security events and activities. ? Contribute to security audits and compliance reviews. Continuous Improvement: ? Stay updated on emerging cyber threats, vulnerabilities, and industry best practices. ? Provide recommendations to improve detection, response, and prevention capabilities. ? Participate in training, simulations, and drills to enhance incident response readiness. Qualifications: Education: ? Bachelor?s degree in Cybersecurity, Information Technology, Computer Science, or a related field. ? Equivalent work experience may be considered. Experience: ? 1-3 years of experience in cybersecurity, SOC operations, or a related IT field. ? Familiarity with SIEM tools, IDPS, firewalls, and endpoint detection platforms. ? Experience working in a 24/7 operational environment is a plus. Skills and Competencies: ? Knowledge of cybersecurity principles, threat landscapes, and attack vectors. ? Strong analytical and problem-solving skills for investigating security events. ? Proficiency in using security tools and platforms (e.g., Splunk, QRadar, Sentinel). ? Understanding of networking concepts (TCP/IP, DNS, VPNs) and operating systems (Windows, Linux). ? Ability to work independently during overnight hours and make quick, informed decisions. Certifications (preferred): ? CompTIA Security, CySA, or equivalent certifications. ? GIAC Certified Incident Handler (GCIH). ? Certified Ethical Hacker (CEH). ? Splunk Core Certified User or similar tool-specific certifications. Apply Job!