Information Security Analyst

Are you passionate about cyber threat detection and response? We are seeking a Cybersecurity Analyst to monitor, analyze, and triage security alerts, ensuring a proactive defense against evolving threats in a Digital Retail Bank (DRB) environment. This role involves SIEM monitoring, incident handling, vulnerability management, and compliance enforcement to maintain the highest security standards. If you have experience in threat intelligence, log analysis, and security policy implementation, this is the perfect opportunity to contribute to a dynamic and cutting-edge cybersecurity team.

Responsibilities

• Threat Monitoring & Detection:
• Monitor and analyze SIEM alerts to detect potential security incidents.
• Conduct log analysis from firewalls, servers, applications, and endpoint security tools.
• Develop and refine correlation rules and use cases to improve threat detection.
• Utilize threat intelligence sources to enhance anomaly detection and response.
• Incident Response:
• Perform initial triage and incident handling to assess potential threats.
• Conduct root cause analysis to determine the impact and scope of security events.
• Maintain detailed incident documentation for compliance and reporting purposes.
• Vulnerability Management:
• Perform vulnerability scanning and risk assessment to identify security gaps.
• Support penetration testing efforts and assist in remediation strategies.
• Develop and implement risk mitigation plans to reduce attack vectors.
• Security Policy & Compliance:
• Ensure adherence to regulatory security frameworks (PCI DSS, ISO 27001, SBP regulations).
• Conduct security awareness training for internal teams.
• Monitor compliance with security policies and recommend necessary improvements.
• Research & Continuous Improvement:
• Stay updated on emerging threats, attack techniques, and cybersecurity trends.
• Continuously optimize SIEM correlation rules and fine-tune detection mechanisms.
• Enhance security operations processes to improve efficiency.
• Collaboration & Third-Party Security:
• Work closely with internal security teams and third-party service providers to correlate threat intelligence.
• Collaborate with IT and business units to enhance overall cyber resilience.

Requirements

• Bachelor’s degree in Computer Science, IT, Cybersecurity, or a related field.
• 4-6 years of experience in infrastructure security, SIEM monitoring, or threat intelligence.
• Strong understanding of network protocols, firewalls, VPNs, IDS/IPS, and endpoint security.
• Proficiency in using SIEM solutions (QRadar, Splunk, ArcSight, Wazuh, etc.).
• Expertise in vulnerability assessment, threat modeling, and risk analysis.
• Hands-on experience with security tools (Metasploit, Burp Suite, Nessus, etc.).
• Experience in policy development, security guidelines, and compliance frameworks.
• Proficiency in scripting languages (Python, PowerShell, SPL, SQL) for security automation.

• Professional certifications such as CISSP, CEH, OSCP, or vendor-specific security credentials are a plus.

Objectives & KPIs

• Mean Time to Detect (MTTD): Average time taken to detect, analyze, and escalate security incidents.
• Incident Resolution Rate: Percentage of incidents resolved within predefined SLAs.
• Alert Accuracy: Ratio of false positives vs. true positives identified in SIEM alerts.
• SIEM Optimization: Percentage of correlation rules and use cases updated or improved.
• Root Cause Analysis (RCA) Completion: Percentage of incidents with a thorough RCA report.
• Rule Tuning Frequency: Regular enhancements to improve SIEM efficiency and reduce unnecessary alerts.
• Regulatory Compliance: Percentage of adherence to SBP regulations, PCI DSS, ISO 27001, and security standards.