Information Security Analyst

Application deadline: August 10, 2025

Job Description

Birmarket

Job responsibilities

Monitor information security events via SIEM systems.
Detect anomalous activity, potential threats, and policy violations.
Perform triage and escalate incidents following response playbooks.
Conduct incident analysis: assess risk, identify threat sources, and determine impact.
Investigate incidents across categories: malware, phishing, data breaches, insider threats.
Support incident containment, eradication, and recovery processes.
Hunt for indicators of compromise (IoCs, TTPs) using the MITRE ATT&CK framework.
Analyze logs from network devices, endpoints, servers, and cloud platforms.
Filter false positives and fine-tune correlation rules.
Maintain incident records and prepare investigation timelines and reports.
Deliver regular reports on security posture and threat trends.
Recommend improvements to detection logic, playbooks, and response workflows.
Test and integrate new data sources with SIEM/SOAR platforms.
Collaborate with IT, DevOps, and infrastructure teams to contain and resolve threats.
Escalate advanced cases to senior analysts or security engineers.
Requirements

Minimum 3 years of hands-on experience in a Security Operations Center (SOC) or similar cybersecurity analyst role.
Proven experience with SIEM platforms (e.g., Splunk, Microsoft Sentinel, QRadar, ArcSight) for event monitoring and investigation.
Practical skills in incident triage, alert validation, and escalation using defined playbooks.
Solid understanding of incident response processes, including containment, eradication, and recovery.
Experience in root cause analysis and identifying threat vectors in real-world incidents.
Proficiency in threat hunting and working with IoCs, TTPs, and the MITRE ATT&CK framework.
Competence in log analysis from firewalls, IDS/IPS, endpoints, servers, and cloud platforms (e.g., Azure, AWS).
Experience in tuning detection rules and improving correlation logic to reduce false positives.
Awareness of modern cyber threats, malware behavior, and threat intelligence fundamentals.
Familiarity with SOAR and EDR platforms and automated response workflows.
Understanding of cloud security and vulnerability management.
Bachelor’s degree in computer science, cybersecurity, information technology, or a related field is required.
Master’s degree or industry certifications (e.g., CompTIA Security+, CEH, GCIA, GCIH) are a strong plus.
Medical insurance
Membership in the ‘Dəyərlisən’ PASHA Loyalty Program

Interested candidates can apply by clicking the link provided in the “Apply” button.