3rd Shift Cyber Security Operations Analyst

The 3rd Shift Cyber Security Operations Analyst monitors and protects the organization’s systems, networks, and data during overnight hours. This role involves real-time threat detection, incident response, and maintaining the overall security posture of the organization. The analyst works as part of a Security Operations Center (SOC) team and plays a critical role in identifying and mitigating security risks during non-business hours. Key Responsibilities: Threat Monitoring and Detection: • Continuously monitor security tools, such as SIEM systems, intrusion detection/prevention systems (IDPS), firewalls, and endpoint protection platforms, to detect potential security threats or anomalies. • Analyze and investigate security alerts, identifying true threats versus false positives. • Conduct proactive threat hunting to identify vulnerabilities or malicious activities. • Monitor and analyze network traffic, system logs, and user activity to ensure compliance with security policies. Incident Response and Management: • Respond to security incidents, including malware infections, phishing attempts, unauthorized access, and other potential breaches. • Execute containment, eradication, and recovery procedures to minimize the impact of incidents. • Collaborate with senior analysts or SOC managers to escalate complex or high-risk incidents. • Document all incidents in detailed reports, including root cause analysis and lessons learned. System Maintenance and Updates: • Perform regular updates and maintenance on security tools and platforms to ensure they function effectively. • Assist in applying patches and updates to address known vulnerabilities. • Support the integration of new security technologies or tools into the existing infrastructure. Collaboration and Communication: • Communicate effectively with team members and stakeholders to provide updates on incidents and overnight activities. • Participate in shift handovers to ensure continuity of security operations across shifts. • Assist in the development of documentation, playbooks, and standard operating procedures (SOPs) for SOC operations. Compliance and Reporting: • Ensure security operations align with organizational policies, regulatory requirements, and industry standards (e.g., ISO 27001, NIST, GDPR). • Prepare and submit daily reports summarizing overnight security events and activities. • Contribute to security audits and compliance reviews. Continuous Improvement: • Stay updated on emerging cyber threats, vulnerabilities, and industry best practices. • Provide recommendations to improve detection, response, and prevention capabilities. • Participate in training, simulations, and drills to enhance incident response readiness. Qualifications: Education: • Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or a related field. • Equivalent work experience may be considered. Experience: • 1-3 years of experience in cybersecurity, SOC operations, or a related IT field. • Familiarity with SIEM tools, IDPS, firewalls, and endpoint detection platforms. • Experience working in a 24/7 operational environment is a plus. Skills and Competencies: • Knowledge of cybersecurity principles, threat landscapes, and attack vectors. • Strong analytical and problem-solving skills for investigating security events. • Proficiency in using security tools and platforms (e.g., Splunk, QRadar, Sentinel). • Understanding of networking concepts (TCP/IP, DNS, VPNs) and operating systems (Windows, Linux). • Ability to work independently during overnight hours and make quick, informed decisions. Certifications (preferred): • CompTIA Security+, CySA+, or equivalent certifications. • GIAC Certified Incident Handler (GCIH). • Certified Ethical Hacker (CEH). • Splunk Core Certified User or similar tool-specific certifications. Apply Job!