What are the responsibilities and job description for the L2 Cyber Security Analyst position at VirtualArmour?
Company Description
VirtualArmour has been a trusted advisor in solving critical network and cybersecurity issues since 2001. The company works closely with clients to deliver specialized solutions, ensuring their cybersecurity infrastructure is resilient and effective. Known for leveraging extensive expertise and advanced technologies, VirtualArmour supports organizations in protecting their most valuable assets. With a focus on high-quality services, VirtualArmour is dedicated to building secure and reliable systems for its clients.
Role
The Cyber Security Analyst is a level 2 (L2) role. Working as part of a team, the primary responsibility is to support customers of our Managed Security Services (MSS) department.
The Cyber Security Analyst helps protect customer networks against cybersecurity threats such as hackers, cyber-terrorists and malware that can steal or corrupt sensitive customer data. This is accomplished by monitoring and analyzing customer networks, servers, databases and endpoint equipment for key indicators of compromise. Once a possible threat is detected, the analyst must investigate it, respond to it and report to the customer with any recommended remediation.
Cyber Security Analysts should have the experience and knowledge listed below and will also be enrolled in the VirtualArmour Academy, where they will be trained in other aspects of the role.
Candidate
We’re looking for a person who already has a background in cybersecurity. The ideal candidate will be a quick learner with strong problem-solving skills. The ability to work in a high-pressure environment with conflicting priorities, while ensuring that service level agreements (SLAs) are met, is essential for the successful candidate.
The candidate must be comfortable working in a highly technical environment and be able to communicate their findings to non-technical customers.
Responsibilities
- Cover helpdesk tickets for MSS customers, which includes monitoring queues for incident, problem, and change management requests.
- Monitor customer environments for security issues.
- Investigate security breaches and other cybersecurity incidents.
- Install security measures and operate software to protect systems and information infrastructure, including firewalls and data encryption programs.
- Document and research security breaches and assess the damage they cause.
- Work with the customer's security team to perform tests and uncover network vulnerabilities.
- Help remediate detected vulnerabilities to maintain a high-security standard.
- Stay current on IT security trends and news.
- Develop company-wide best practices for IT security.
- Research security enhancements and make recommendations to management.
- Stay up to date on information technology trends and security standards.
- Train, mentor, and guide teammates through direct communication and by hosting knowledge transfer calls.
Experience
Required
- 2–4 years of experience working in a SOC/analyst position
- 2 years of SIEM experience performing investigations, configuration, tuning and support.
- Knowledgeable in cyber-attack techniques and frameworks such as MITRE ATT&CK, NIST, the Lockheed Martin Cyber Kill Chain, etc.
- Experience in incident response
- Understanding of SIEM, XDR, EDR/Antivirus, Firewalls, proxies, cloud, and IDPS concepts
- Knowledgeable in computer networking and routing protocols
- Experience working with the command line interface of Linux operating systems.
- Strong knowledge of the Windows and Linux operating systems
- Understanding of threat intel technologies
- Ability to establish and maintain a strong level of customer trust and confidence.
- Effective communicator with a positive attitude, fluent in the English language
- Excellent writing skills with the capability to create well-formatted reports and client-facing documentation.
- Team player with strong collaboration skills and a flexible approach to problem solving.
- Strong time management skills
Preferred
- 2 years of Splunk experience
- Experience with XDR technologies, such as Stellar Cyber
- Experience with EDR technologies, such as CrowdStrike and SentinelOne
- Experience with vulnerability management technologies, such as Rapid7 and Nessus
- Proficient in liaising with customers
- Experience in threat hunting
- Ability to identify and mitigate network vulnerabilities and explain how to avoid them.
- Understanding of patch management with the ability to deploy patches in a timely manner while understanding business impact.
- Experience with firewalls, such as Cisco, Juniper, Palo Alto or Fortinet
- Investigating and troubleshooting IT issues
- Managed services experience
Qualifications
- A bachelor's or master's degree in Cyber Security or a related field, or an equivalent level of experience within IT.
- Candidates with vendor-specific qualifications, such as Security+, CySA+ or Splunk Certified User, are preferred but not required.
Requirements
- Required: 2 years of SIEM configuration, tuning and support
- Preferred: 2 years of Splunk experience
- Preferred: 1 year of XDR experience
- 2–5 years' experience in the industry OR equivalent qualifications
- Understanding of firewalls, proxies, SIEM, antivirus, and IDPS concepts.
- Ability to identify and mitigate network vulnerabilities and explain how to avoid them.
- Understanding of patch management with the ability to deploy patches in a timely manner while understanding business impact.
Salary dependent on experience.
Employment Type
- Full-time