Security Analyst

So what will your new role look like? 

The Security Operations Analyst plays a key role in the proactive monitoring, identification, analysis, and remediation of security vulnerabilities within the company's systems and infrastructure. This hands-on role will be responsible for day-to-day operations, including the monitoring of Workleap's security infrastructure, recommending specific measures that can improve the company’s overall security posture, and ensuring the organization's systems & data are protected.     

So what will you do? 

• Take direct responsibility for protecting the organization's digital assets, through hands-on management of both cloud and on-prem security infrastructures.   
• Continuously monitor security events and alerts from various sources within the enterprise's environment, including network traffic, firewall logs, and intrusion detection systems. Analyze these events to identify any signs of unauthorized access, insider threats, or other malicious activities. 
• Serve as a key player in the initial response to any detected security incidents. Follow established procedures for incident escalation and resolution. Document and manage incidents from initial detection through final resolution, including steps taken for mitigation and recommendations for preventing future occurrences.   
• Stay informed about the latest cybersecurity threats and vulnerabilities. Analyze threat intelligence reports and feeds to understand how emerging threats might impact the organization. Use this information to help refine security monitoring strategies and improve defenses. 
• Participate in vulnerability management and penetration testing activities to identify weaknesses within the organization’s systems and applications. Work with IT and development teams to prioritize and remediate identified vulnerabilities according to the risk they pose. 
• Manage and configure security monitoring tools and technologies, such as SIEM (Security Information and Event Management) systems, antivirus software, and intrusion detection/prevention systems. Ensure these tools are optimized to detect and respond to threats effectively. 
• Creates documentation and planning for all security-related information, including secure procedures, security guides, cybersecurity incident response and helping teams draft their disaster recovery plans. Be a trusted security advisor who will make the necessary recommendations with regard to cyber risks 
• Independently implement measures and processes that support existing security policies and strategies 
• Operate and improve our SOC to reduce blind spots and better protect the company 
• Participate in the Security team’s strategic planning to ensure priority projects are in line with Workleap’s needs 

A typical week?  

• Spend several hours each day actively monitoring and analyzing security alerts using monitoring tools to detect potential intrusions and security breaches. 
• Engage in the initial triage of security alerts, perform detailed investigations into potential threats, and coordinate response actions with internal teams. 
• Conduct threat hunting activities during periods without immediate threats, using advanced techniques to identify hidden threats. 
• Work collaboratively with the IT and other teams to evaluate new or updated security solutions, testing their effectiveness and integration into the existing security infrastructure. 
• Participate in regular meetings with internal and external teams to discuss the status of ongoing security measures and any new threats or technologies that may impact security. 
• Review and refine security procedures and protocols to enhance response times and overall SOC operations. This includes developing or updating SOC playbooks and security procedures. 
• Dedicate time to personal and professional development, including staying abreast of new security trends, attending training sessions, and maintaining certifications. 

What does your future team look like? 

You’ll be a part of the Workleap Security team whose mission is to mitigate the risks the company faces while ensuring the operational aspect of security. You will be responsible for analyzing security incidents. You will conduct forensic analysis and implement measures to maintain the security of the Workleap network. 

What are the challenges awaiting your team? 

• Identifying repetitive tasks and workflows within the security monitoring and other processes that would be good candidates for automation, aiming to increase efficiency and accuracy. 
• Handling the complexities of security operations that span multiple platforms including cloud environments and different infrastructures which requires continuous learning and adaptation. 
• Staying abreast of the latest developments in cybersecurity, including new adversary tactics, techniques, and penetration testing tools, to enhance threat detection and response capabilities. 
• Managing the high volume of alerts efficiently, ensuring accurate identification and prioritization of real threats among numerous false positives. 

Qualifications 

• 3+ years of experience in various cyber security functions (Infrastructure Security, Vulnerability and Patch Management, Network Security, Incident Management, Cloud Security, Data Security, Threat Intelligence); 
• Hands-on experience in security operations center (SOC) and incident response; 
• Comprehensive understanding of enterprise security architecture and tools; 
• Extensive experience with SIEM, EDR, IDS/IPS, Active Directory, VM and other related solutions; 
• Industry-related security certification is preferred (CEH, Security+, CISM, CISSP); 
• Comfortable with Microsoft Cloud environments (Azure); 
• Knowledge of enterprise IT security concerns and technologies, including but not limited to VPNs, network security, encryption, authentication, application-level network protocols, PKI, IPSec, Firewall, SSH, SSL, LAN/WAN, and TCP/IP; 
• Scripting knowledge in Python and PowerShell; 
• Good understanding of current security standards for Cloud products (SaaS); 
• Knowledge of the MITRE ATT&CK framework (asset) 
• Good knowledge of Fortinet products (asset)