Full Time Cyber Security Analyst

Tasks & responsibilities

• Conducting infrastructure scans for vulnerabilities and compliance validation, preferably using Infrastructure as Code (IaC) techniques and tools. Ensure optimised scanning coverage and implementation and maintain the service.
• Setting up local regulatory monitoring backups, ensuring the availability of recovery plans, and validating the effectiveness of security measures using automated scanning tools.
• Performing postmortem analysis to evaluate the impact of security incidents on data and infrastructure, identifying available recovery tools and processes, and recommending suitable solutions.
• Collaborating with the broader assessment team to enhance and deliver security assessment services.
• Managing SQL and MSQL database architecture, data structures, and naming conventions to ensure the accuracy and integrity of all data master files.
• Providing complete system architectures in cloud computing environments such as AWS, Azure, or GCP, including database management, monitoring, threat detection, and VPN servers.
• Monitoring network traffic, auditing log files, and configuring highly available systems in the cloud.
• Enhancing system security through regular system upgrades, platform updates, and implementing encryption layers in the network transport layer (SSL/TLS/IPSEC).
• Documenting processes, monitoring, and operational management related to system security and disaster recovery planning.
• Developing and providing technical support to diagnose and resolve hardware and software issues across physical and virtual servers, both on-premises and in the cloud.
• Ensuring the security of computer systems to enable seamless integration of all components for optimal functionality. Additionally, monitoring and improving network performance and security during data transfer and at rest.
• Install, configure, and maintain hardware firewalls (e.g., Palo Alto, Fortinet, Cisco ASA, Check Point, Juniper, etc.).
• Configure and manage software firewalls (e.g., pfSense, iptables, Windows Defender Firewall, AWS WAF, Azure Firewall).
• Perform physical installations of network security devices in data centers and remote locations.
• Monitor, manage, and troubleshoot network security infrastructure to ensure optimal performance and protection.
• Deploy and manage honeypots/honeynets to detect and analyze threat actor behaviors.
• Conduct zero-day vulnerability detection and analysis, including reverse engineering and forensic investigation.
• Implement intrusion detection/prevention systems (IDS/IPS) and ensure timely response to security incidents.
• Work closely with IT and security teams to establish firewall policies, access control lists (ACLs), and VPN configurations.
• Develop and maintain security documentation, including standard operating procedures (SOPs), incident response plans, and threat reports.
• Stay updated on emerging cybersecurity threats, exploits, and attack methodologies.
• Perform penetration testing and security assessments on networks and infrastructure.
• Collaborate with third-party vendors and security researchers to enhance security operations.