Jordan, Amman

Job Details

Job Description

Roles & Responsibilities

Security Monitoring and Threat Detection:

  • Monitor and analyse security events across multiple client environments.
  • Correlate security incidents and log data across diverse infrastructures to identify patterns and potential risks.
  • Escalate identified incidents according to pre-defined protocols and client-specific SLAs.

Incident Response and Coordination:

  • Lead initial incident triage, investigation, and response to security incidents, adhering to incident classification and escalation procedures.
  • Collaborate with internal teams and stakeholders for effective incident containment, mitigation, and remediation.
  • Ensure detailed documentation for each incident and assist in root cause analysis and developing actionable recommendations to improve security posture.

Threat Intelligence and Advanced Defence:

  • Integrate threat intelligence to proactively identify indicators of compromise (IOCs) and strengthen detection mechanisms.
  • Contribute to proactive threat-hunting efforts, utilizing current threat intelligence feeds and vulnerability data to identify potential risks before they impact clients.
  • Research and track emerging threats relevant to client environments, helping to adjust defences accordingly.

Client-Focused Reporting and SLA Management:

  • Maintain compliance with SLAs defined in the MSSP agreement by prioritizing and resolving incidents within specified time frames.
  • Produce partner-specific reports on security activities, incident trends, and performance metrics to support transparent and proactive communication.
  • Assist clients with audits and compliance efforts by providing accurate and thorough incident documentation aligned with NIST, ITIL, and other frameworks.

Continuous Improvement and Service Excellence:

  • Participate in fine-tuning detection tools and refining processes to reduce false positives and enhance service quality.
  • Collaborate with the MSSP Service Excellence team to identify opportunities for service improvement, process optimization, and client satisfaction.
  • Stay informed on the latest industry practices, contributing to the continual enhancement of our MSSP service offerings.

Collaboration and Knowledge Sharing:

  • Work closely with the other departments in the IT team and with partners to ensure cohesive incident management and response.
  • Share knowledge and insights with team members, fostering a collaborative environment and mentoring junior engineers as needed.
  • Support client security awareness initiatives, assisting with training and tabletop exercises to improve overall security readiness.

Desired Candidate Profile

Qualifications and Experience

  • Bachelor's degree in Cybersecurity, Information Technology, Computer Science, or a related field.
  • Experience with Microsoft Sentinel, Microsoft Defender, IDS/IPS, and endpoint detection tools.
  • Familiarity with ITIL processes, NIST standards, and incident response frameworks is highly desirable.
  • Relevant certifications such as CompTIA Security+, Certified SOC Analyst (CSA), or Security Operations Analyst Associate.

Skills and Competencies

  • Strong analytical skills and a client-focused approach to managing security incidents.
  • Knowledge of security infrastructure, operating systems, and network protocols.
  • Excellent communication and documentation skills, with the ability to convey technical information clearly to clients.
  • Ability to manage high-pressure situations with a calm, methodical approach.
