Security Analyst - L2

Responsibilities • Monitor third party security feeds, forums, and mailing lists to gather information related to the client through automated means • Produce intelligence outputs to provide an accurate depiction of the current threat landscape and associated risk through the use of customer, community, and open source reporting • Produce actionable intelligence information for delivery to colleagues and customers in the form of technical reports, briefings, and data feeds • Review vulnerabilities advisories • Review and process threat intelligence reports • Perform detailed investigative works into all traffic anomalies against established, historical baselines of individual agencies. Reviewing and profiling the events of all monitored clients • Assess each event based on factual information and wider contextual information available • Review, propose and generate reports to automate or reduce low value event escalations • Build rules and intelligence to detect such threats and proliferate to all monitored networks • Implementing and devising detection method of such threats in our security operations through SIEM Rules, DB scripts etc • Perform periodic analysis of security events, network traffic, and logs to engineer new detection methods, or create efficiencies when available • Supports the development of tactics, techniques, and procedures in providing proactive threat hunting and analysis against the available information sources (e.g. Netflow, DNS and Firewall logs, etc.) • Assist the Security Analysts with the investigative works • Prepare training programme for Security Analyst and conduct knowledge sharing sessions for Security Analyst • Fulfil Change Requests, Service Requests and respond to internal / external enquiries with regards to detection Use Case • Any other tasks as assigned