Level 2 IT Security Analyst
A Level 2 Analyst participates in a 24/7 operation that supports monitoring and is directly responsible for responding to security events. He provides a technical escalation point during Security Incidents, establishing the extent of the threat and the business impacts, and then advising on and performing the most suitable course of action to contain and remedy the incident.
Responsibilities
- Ability to work in rotating shifts and also be on-call outside of shift hours on a regular and recurring basis.
- Possess unimpeachable personal and professional integrity. Individuals will be required to submit to a background examination.
- Good oral and written communication skills in English and native language.
- Ability to take initiative and ownership of incidents from reporting to resolution.
- Responsible for taking action on alerts, events, and incidents escalated from the Level 1 Analyst.
- Act as a lead for IT Security Operations.
- Triage malware incidents, their priority and the need for escalation.
- Monitoring for emerging threat patterns and vulnerabilities.
- Assists with patching recommendations and workarounds for zero-day threats.
- Coordinates with other external stakeholders.
- Communicates with management on incident updates.
- Able to run down an incident from start to finish without higher-level supervision.
Skills and Experience
- Experienced in performing basic and medium level forensic analysis on Windows and UNIX systems.
- Identify and evaluate malware related compromise artefacts.
- Possess comprehensive understanding of and substantive experience in the areas of network systems engineering, computing systems and software applications.
- Demonstrate prior experience with network analysis tools, scripting languages, software vulnerabilities, exploits and malware.
- Experience of working in a high volume and result-oriented operational environment.
- Ability to assume a leadership role on an ad-hoc basis for managing Level 1 Analysts.
- Ability to mitigate command and control attempts by recommending defensive proxy configuration, as these types of attacks should ideally not be escalated to Level 3.
Benchmark Certifications
- GIAC Certified Incident Handler (GCIH)
- Offensive Security Certified Professional (OSCP)
- Offensive Security Certified Expert (OSCE)
A Level 2 Analyst maintains a good knowledge of the threat landscape, helps enhance current techniques and provides support in the identification of new methods of detecting threats. He performs detailed analysis of security events, using analytical skills and advanced knowledge of IT security and network threats.