We are seeking a highly motivated Security Analyst with a strong background in threat hunting and detection engineering across Enterprise and Cloud workloads to join our Security Operations Centre (SOC).
This role is ideal for a cybersecurity professional with hands-on experience who thrives in cloud-smart environments and is passionate about proactively identifying advanced threats, operationalizing threat intelligence (including OSINT), and leveraging automation and AI to improve security outcomes.
The successful candidate will play a key role in enhancing threat visibility, strengthening detection logic, and improving response efficiency across enterprise and cloud environments.
Key Responsibilities
- Proactively hunt for advanced threats by analyzing security event data across enterprise and cloud environments using local and cloud native security tools.
- Continuously improve SOC detection capabilities through the design, implementation, and optimization of detection use cases for evolving threats.
- Advise solutions architecture teams on Security Operations requirements that support mandatory compliance needs and continuous improvement of SOC practices.
- Enhance SOC function efficiency, improve alert triage and increase detection speed through the adoption of Artificial Intelligence and the development of automation scripts and Security Orchestration & Response (SOR) playbooks.
- Validate security configurations and logging coverage across cloud and on-premise workloads.
- Investigate alerts and fine-tune EDR policies to quickly identify threats and support deep endpoint threat analysis.
- Integrate and operationalize threat intelligence feeds.
- Leverage Open Source Intelligence (OSINT) sources to identify emerging threats, attacker infrastructure, and indicators of compromise (IOCs).
- Perform phishing email analysis including header, payload, and URL inspection.
- Support incident response efforts including containment, eradication and recovery activities.
- Perform compliance activities related to continuous monitoring of Security Operations responsibilities.
Qualifications
- Minimum 3+ years of experience in a Security Operations Centre with a focus on threat hunting across both Enterprise and Cloud workloads (5 years of experience preferred).
- Strong understanding of cloud log sources and monitoring in multi-cloud environments including Microsoft Azure, Microsoft 365 and AWS.
- Hands-on experience with SIEM platforms.
- Hands-on experience creating, refining and testing threat hunting queries within various security tools (e.g. SIEM, EDR).
- Experience optimizing security operations through automation using industry-standard scripting languages such as Python and PowerShell.
- Mindset to adopt and ingrain AI technologies in support of threat prevention, detection and response.
- Demonstrable experience responding to cyber incidents.
- Experience integrating threat intelligence feeds into detection workflows.
- Familiarity with MITRE ATT&CK detection mapping.
- Experience performing phishing analysis.