Job Description – Assistant Security Operations Center (SOC) Analyst (2400002M)
Job Title: Assistant Security Operations Center (SOC) Analyst
Job Code: 2400002M
Primary Location: Nairobi, Kenya
Organization: Britam
Job Type: Permanent, Full-Time
Shift: Day Job
Number of Openings: 1
Job Posting Date: 09-08-2024
Job Closing Date: 18-08-2024
Job Purpose and Key Responsibilities
Job Purpose:
We are seeking a motivated Junior Security Operations Center (SOC) Analyst to join our dynamic Security Operations Center team.
The ideal candidate will have a thirst for knowledge, a passion for cybersecurity, and a strong desire to learn and grow in a fast-paced environment. As a Junior SOC Analyst, you will play a vital role in monitoring, detecting, and responding to security incidents to ensure the integrity and availability of our systems and data.
The primary responsibility of the Assistant SOC Analyst is to monitor and analyze security incidents, identify and mitigate threats, and ensure the security of Britam’s information systems.
This role involves working closely with senior SOC analysts and other cybersecurity teams to protect the organization’s critical assets.
Key Responsibilities:
- Monitor Security Alerts: Use Security Information and Event Management (SIEM) tools to monitor security alerts and events, identifying potential security incidents in real-time.
- Initial Triage and Analysis: Conduct the first level of triage and analysis on security alerts to determine their validity, severity, and potential impact on the organization.
- Investigate Security Incidents: Analyze logs, network traffic, and endpoint data to identify indicators of compromise (IOCs). Assess the scope and impact of security incidents to understand the extent of the breach or threat.
- Collaborate on Incident Response: Work closely with senior SOC analysts and other cybersecurity teams to coordinate effective incident response activities. Implement appropriate mitigation measures to contain and resolve security incidents.
- Document Incident Response: Thoroughly document incident details, including analysis findings, response actions, and lessons learned. Maintain accurate records in incident reports and case management systems.
- Develop and Enhance Security Monitoring: Assist in the development and implementation of security monitoring use cases, detection rules, and playbooks to strengthen threat detection capabilities and improve SOC effectiveness.
- Continuous Learning: Stay informed about the latest cybersecurity threats, vulnerabilities, and attack techniques. Engage in continuous learning and training to maintain and enhance cybersecurity expertise.
- Participate in Exercises and Drills: Take part in tabletop exercises, incident response drills, and simulations to test and improve incident response procedures and overall preparedness.
- Support Security Investigations and Compliance: Provide support for security investigations, compliance audits, and regulatory inquiries as needed. Ensure alignment with regulatory requirements and internal policies.
- Contribute to SOC Improvement: Actively contribute to the overall improvement of SOC processes, procedures, and tools. Provide feedback and suggestions for enhancing SOC operations.
- Delegated Authority: Operate within the bounds of the approved Delegated Authority Matrix.
Key Performance Measures
Performance will be measured as described in your Personal Score Card, with an emphasis on effective incident detection, response, and overall contribution to the security operations center.
Knowledge, Experience, and Qualifications
Educational Qualifications:
- Bachelor’s Degree: In Computer Science, Information Security, or a related field is required.
- Certifications: Relevant certifications such as CompTIA Security+, Certified Ethical Hacker (CEH), or equivalent are highly desirable and will be considered a plus.
Experience:
- IT Experience: 1-2 years of experience in an IT-related role is required. Prior experience or internship in a cybersecurity-related role is preferred but not mandatory.
Skills and Competencies:
- Analytical Skills: Strong analytical and problem-solving skills with a keen attention to detail.
- Communication and Collaboration: Excellent communication and collaboration skills, with the ability to work effectively in a team environment.
- Adaptability: Demonstrated ability to learn quickly and adapt to new technologies and cybersecurity concepts.
- Cybersecurity Knowledge: A solid understanding of cybersecurity principles, the current threat landscape, and common attack vectors.
- Familiarity with Security Tools: Knowledge of security tools such as SIEM, IDS/IPS, antivirus, and endpoint detection and response (EDR) solutions.
- Regulatory Compliance: Familiarity with regulatory requirements and compliance frameworks relevant to the financial services industry (e.g., PCI DSS, GLBA).
This role offers an exciting opportunity to grow and develop in the cybersecurity field while contributing to the security and resilience of Britam’s information systems. If you are passionate about cybersecurity and eager to take on new challenges, we encourage you to apply.