Cyber Defence Analyst

As a Cyber Defence Analyst at our company, you will play a crucial role in monitoring, detecting, and responding to security threats across cloud (AWS & GCP), endpoint, and network environments. Leveraging the SentinelOne Singularity XDR platform and other modern security technologies, you will be responsible for threat detection, incident response, and continuously improving our security posture. **Responsibilities:** - Monitor logs and telemetry from various sources. - Develop, tune, and manage detection rules and use cases. - Identify and investigate anomalies, TTPs, and attack vectors. - Execute playbooks for various scenarios and drive investigations to closure. - Conduct proactive hunts to uncover hidden threats. - Produce actionable incident reports and threat summaries. - Provide SME input on log integration, audit coverage, and SOC process improvements. - Stay current on adversary techniques and collaborate with engineering teams to close detection gaps. **Qualifications:** - Bachelor's or Master's degree in cybersecurity, information technology, computer science, or related discipline. - 5 years of experience in Security Operations, Incident Response, or Cloud Security. - Hands-on experience with SentinelOne Singularity platform. - Scripting/automation knowledge for investigation and detection enrichment. - Certifications such as GCIH, GCFR, GCIA or equivalent are preferred. In addition to technical skills, essential personal skills for this role include being highly collaborative, calm under pressure, proactive, detail-oriented, resourceful, and having strong communication skills. You should also demonstrate integrity, sound judgment, and a commitment to maintaining confidentiality. As a Cyber Defence Analyst at our company, you will play a crucial role in monitoring, detecting, and responding to security threats across cloud (AWS & GCP), endpoint, and network environments. Leveraging the SentinelOne Singularity XDR platform and other modern security technologies, you will be responsible for threat detection, incident response, and continuously improving our security posture. **Responsibilities:** - Monitor logs and telemetry from various sources. - Develop, tune, and manage detection rules and use cases. - Identify and investigate anomalies, TTPs, and attack vectors. - Execute playbooks for various scenarios and drive investigations to closure. - Conduct proactive hunts to uncover hidden threats. - Produce actionable incident reports and threat summaries. - Provide SME input on log integration, audit coverage, and SOC process improvements. - Stay current on adversary techniques and collaborate with engineering teams to close detection gaps. **Qualifications:** - Bachelor's or Master's degree in cybersecurity, information technology, computer science, or related discipline. - 5 years of experience in Security Operations, Incident Response, or Cloud Security. - Hands-on experience with SentinelOne Singularity platform. - Scripting/automation knowledge for investigation and detection enrichment. - Certifications such as GCIH, GCFR, GCIA or equivalent are preferred. In addition to technical skills, essential personal skills for this role include being highly collaborative, calm under pressure, proactive, detail-oriented, resourceful, and having strong communication skills. You should also demonstrate integrity, sound judgment, and a commitment to maintaining confidentiality.