Cyber Security Operations Specialist

Job Description

Role purpose

A Cyber Security Operations Specialist is a professional responsible for protecting an organization's information systems and data from cyber threats. This role typically involves monitoring networks for security breaches, investigating incidents, implementing security measures, and responding to security incidents

Key accountabilities

• A Cyber Security Operations Specialist is a professional responsible for protecting an organization's information systems and data from cyber threats. This role typically involves monitoring networks for security breaches, investigating incidents, implementing security measures, and responding to security incidents
• Continuously monitor security systems and networks for unusual activity or potential threats.
• Analyse security alerts and logs to identify and respond to incidents.
• Investigate security incidents and breaches to determine their cause and impact.
• Coordinate the response to security incidents, including containment, eradication, and recovery.
• Maintain a concise, audit-ready Incident Response Plan that defines severity matrix, escalation paths, decision authority, evidence handling, and communications (internal, executive, legal, regulator).
• Own a version-controlled repository of actionable playbooks (phishing, business email compromise, ransomware, webshell, data exfiltration, insider risk, credential theft, cloud token abuse)
• Ensure that logs from servers, cloud apps, domain controllers, proxies, domain controllers, email and smtp gateways, PUAM, firewalls are collected, easy to read, time-synchronized, and stored securely.
• Build and maintain smart alert rules that spot real attacks (based on MITRE ATT&CK) and reduce noisy false alarms.
• Create dashboards and weekly reports that show what we’re seeing and how fast we respond.
• Stay updated on the latest cyber threats, vulnerabilities, and attack vectors.
• Utilize threat intelligence and threat hunting techniques to enhance the organization’s security posture.
• Work closely with Technology teams, management, and external partners to ensure a cohesive security strategy.
• Participate in security audits and assessments.
• Conduct forensic analysis of security incidents to determine root causes and prevent future occurrences.
• Perform other tasks assigned by Line Manager.

MINIMUM EXPERIENCE & ESSENTIAL KNOWLEDGE

• Minimum of 3-5 years of experience in Security Operations and Threat hunting.
• Bachelor's degree in computer science, information technology, cyber security, or a related field.
• Relevant certifications such as Microsoft Certified Security Operations Analyst Associate, Blue Team Level 1 (BTL1), CompTIA CySA+, or Certified SOC Analyst (CSA), ECIH or equivalent would be beneficial.
• Proficiency in security tools (e.g., SIEM, IDS/IPS, firewalls).
• Knowledge of networking protocols and architecture.
• Familiarity with operating systems (Windows, Linux) and cloud environments
• Strong analytical and problem-solving abilities to assess risks and respond effectively to incidents.
• Excellent analytical and problem-solving skills.
• Strong communication skills to effectively convey technical information to non-technical stakeholders. [French and English]
• Ability to work independently and as part of a team in a fast-paced environment.
• This position may require occasional after-hours work for incident response.
• A keen eye for detail to detect anomalies in data and logs
• Knowledge of legal, regulatory and privacy requirements, such as Personally Identifiable Information (PII) Protection and Payment Card Industry (PCI)/Data Security Standards and GDPR