Job Description

Roles & Responsibilities

Security Monitoring and Threat Detection:

Monitor and analyse security events across multiple client environments.
Correlate security incidents and log data across diverse infrastructures to identify patterns and potential risks.
Escalate identified incidents according to pre-defined protocols and client-specific SLAs.br>

Incident Response and Coordination:

Lead initial incident triage, investigation, and response to security incidents, adhering to incident classification and escalation procedures.
Collaborate with internal teams and stakeholders for effective incident containment, mitigation, and remediation.
Ensure detailed documentation for each incident and assist in root cause analysis and developing actionable recommendations to improve security posture.

Threat Intelligence and Advanced Defence:

Integrate threat intelligence to proactively identify indicators of compromise (IOCs) and strengthen detection mechanisms.
Contribute to proactive threat-hunting efforts, utilizing current threat intelligence feeds and vulnerability data to identify potential risks before they impact clients.
Research and track emerging threats relevant to client environments, helping to adjust defences accordingly.

Client-Focused Reporting and SLA Management:

Maintain compliance with SLAs defined in the MSSP agreement by prioritizing and resolving incidents within specified time frames.
Produce partner-specific reports on security activities, incident trends, and performance metrics to support transparent and proactive communication.
Assist clients with audits and compliance efforts by providing accurate and thorough incident documentation aligned with NIST, ITIL, and other frameworks.

Continuous Improvement and Service Excellence:

Participate in fine-tuning detection tools and refining processes to reduce false positives and enhance service quality.
Collaborate with the MSSP Service Excellence team to identify opportunities for service improvement, process optimization, and client satisfaction.
Stay informed on the latest industry practices, contributing to the continual enhancement of our MSSP service offerings.

Collaboration and Knowledge Sharing:

Work closely with the other departments in the IT team partners to ensure cohesive incident management and response.
Share knowledge and insights with team members, fostering a collaborative environment and mentoring junior engineers as needed.
Support client security awareness initiatives, assisting with training and tabletop exercises to improve overall security readiness.

Desired Candidate Profile

Qualifications and Experience

Bachelor s degree in Cybersecurity, Information Technology, Computer Science, or a related field.
Experience with Microsoft Sentinel, Microsoft Defender, IDS/IPS, and endpoint detection tools.
Familiarity with ITIL processes, NIST standards, and incident response frameworks is highly desirable.
Relevant certifications such as CompTIA Security+, Certified SOC Analyst (CSA), or Security Operations Analyst Associate.

Skills and Competencies

Strong analytical skills and a client-focused approach to managing security incidents.
Knowledge of security infrastructure, operating systems, and network protocols.
Excellent communication and documentation skills, with the ability to convey technical information clearly to clients.
Ability to manage high-pressure situations with a calm, methodical approach.

CyberSOC Specialist TDM Group