Job Specifications
The salary for this role is £45,000.
This role is advertised on a 12-month fixed-term contract.
Are you passionate about being on the frontline of defending our organisation against evolving cyber threats?
Do you have proven experience in incident response, threat hunting, and working with tools like Azure Sentinel?
Can you analyse complex security data, communicate clearly with stakeholders, and thrive under pressure during critical incidents?
If so, we'd love to hear from you!
At Livestock Information Ltd, our mission is to be an outstanding service provider of livestock data, empowering government, industry, and farmers to effectively manage disease and infection control, whilst enhancing productivity and innovation in agriculture. To achieve this, we need great people, who share in our values.
As a SOC Analyst, you will play a key role in safeguarding our organisation by monitoring, detecting, analysing, and responding to security incidents and emerging threats.
You will be part of the frontline defence against cyberattacks, ensuring the confidentiality, integrity, and availability of our critical systems and data.
This role may require working out of hours during cyber security incidents or potential incidents, reflecting the dynamic nature of the threat landscape.
Responsibilities
Your responsibilities will include:
Incident Response and Management
Leading and participating in complex incident investigations, utilising advanced techniques to identify the root cause, scope, and impact of security incidents
Providing guidance and mentorship to other team members and resolver teams during incident response activities
Collaborating with cross-functional teams to coordinate and execute effective incident containment, eradication, and recovery strategies
Threat Hunting and Analysis
Proactively hunting for advanced threats and vulnerabilities within the environment using various threat intelligence sources and security tools
Analysing and interpreting security data from multiple sources, including logs, network traffic, and endpoint data, to identify emerging threats and attack patterns
Developing and maintaining threat profiles, tactics, techniques, and procedures (TTPs) to enhance threat detection capabilities
Threat Intelligence Expertise
Leveraging threat intelligence platforms and independent research to identify, analyse, and integrate Indicators of Compromise (IOCs) into SOC tooling for proactive threat detection
Monitoring emerging threats, developing and implementing detection rules based on indicators, and communicating threat relevance, potential impact, and recommended mitigation strategies to senior management
Azure Sentinel Expertise
Configuring, managing, and fine-tuning Microsoft Azure Sentinel, Microsoft's cloud-native SIEM solution
Designing and implementing custom log queries, alerts, and workbooks in Azure Sentinel to enhance threat detection and incident response capabilities
Integrating diverse data sources into Azure Sentinel for comprehensive security monitoring and correlation
Vulnerability Management Expertise
Identifying, tracking, and prioritising high-risk vulnerabilities across cloud environments, ensuring focus on issues with the greatest potential impact
Escalating, coordinating, and driving remediation efforts with relevant teams to ensure timely resolution and reduction of organisational risk
Azure Cloud Security
Demonstrating extensive knowledge of Azure cloud security architecture and best practices, with a focus on securing cloud resources, identities, and data
Assessing and implementing security controls within Azure, such as network security groups (NSGs), Microsoft Defender for Cloud, Azure Policy, and Azure Active Directory
Familiarity with Azure Security Compliance offerings and their role in maintaining regulatory and industry compliance standards
Security Incident Documentation
Documenting incident details, investigation findings, and response actions in a clear and concise manner, adhering to established incident response procedures
Creating comprehensive incident reports and sharing post-incident lessons learned to improve the organisation's overall security posture
Continuous Improvement
Staying current with the latest cybersecurity threats, vulnerabilities, and industry best practices
Participating in the development and enhancement of SOC processes, workflows, and procedures to improve incident response efficiency and effectiveness
Collaboration and Communication
Communicating effectively with technical and non-technical stakeholders, translating complex technical concepts into understandable terms
Collaborating with internal teams and external partners to share threat intelligence and improve incident response capabilities
Requirements
We are looking for someone with the following:
Proven experience as a SOC Analyst, with a strong background in cybersecurity operations, incident response, and threat detection
In-depth understa