Security Analyst

**Job Overview**:
We are seeking a highly skilled **Security Analyst (Key Expert 2)** to be assigned to our cybersecurity project. The Security Analyst will be responsible for monitoring, detecting, and responding to security incidents, as well as ensuring that systems and data are secure from threats. This individual will work closely with the Security Operations Center (SOC) team and leverage advanced tools like **Microsoft Sentinel** and **Microsoft Defender XDR** for threat detection and incident response.

**Key Responsibilities**:

- Monitor security alerts and incidents using **Microsoft Sentinel** and other SIEM tools.
- Perform real-time threat analysis, incident detection, and response across various platforms and endpoints.
- Investigate and mitigate security threats using **Microsoft Defender XDR** for extended detection and response.
- Implement and manage security policies to protect information and systems from cyber threats.
- Conduct vulnerability assessments and participate in security audits to identify potential risks.
- Collaborate with the Security Operations Center (SOC) team to ensure efficient and effective threat detection and resolution.
- Prepare reports on incidents, vulnerabilities, and recommendations for enhancing security posture.
- Assist in automating and optimizing security operations to improve response times.

**Skills & Qualifications Required**:
**Experience & Certifications**:

- **3+ years of experience** working as a **Security Analyst** or in a similar role, focusing on cybersecurity operations, threat detection, and response.
- Hands-on experience with **Microsoft Sentinel** for security monitoring and incident management.
- Experience with **Microsoft Defender XDR** for threat detection and response, including identifying and mitigating complex security threats.
- **SC 100 (Microsoft Cybersecurity Architect)** certification - showcasing advanced knowledge of cybersecurity strategy and architecture.
- **SC 200 (Microsoft Security Operations Analyst)** certification - validating skills in threat management and investigation using Microsoft solutions.
- **SC 300 (Microsoft Identity and Access Administrator)** certification - providing expertise in managing identity and access security solutions.
- Knowledge of security frameworks and standards (e.g., NIST, CIS, ISO 27001).
- Experience with security incident management, vulnerability assessments, and risk management processes.

**Additional Skills**:

- Proficiency in analyzing logs, alerts, and security data to detect and resolve security threats.
- Ability to create and configure detection rules, alerts, and reports in **SIEM platforms** (especially **Microsoft Sentinel**).
- Familiarity with **cloud security** best practices, particularly within **Microsoft Azure** environments.
- Knowledge of **identity and access management** and endpoint security.
- Scripting and automation skills (e.g., PowerShell, Python) to improve security operations.

**Soft Skills**:

- Strong **analytical and problem-solving** skills to assess security alerts and incidents.
- Ability to work in high-pressure situations and respond quickly to threats.
- **Team-oriented** mindset with strong collaboration skills, working closely with SOC teams and other stakeholders.
- Effective **communication skills** for reporting on incidents and working with various teams.

**Educational Background**:
Bachelor’s Degree in Computer Science, Cybersecurity, Information Technology, or a related field.

Application Question(s):

- Do you give Galeboe Professional Services permission to use your CV for tender responses?
- Expected salary