Cyber Security Officer

We are looking for a Cyber Security Analyst (Blue Team) to strengthen our defensive security operations. The ideal candidate is detail-oriented, proactive in monitoring and analyzing threats, and experienced in incident response. This role is crucial in safeguarding our IT infrastructure, data, and applications against evolving cyber threats.

Key Responsibilities:

1. Monitoring & Detection
   Operate and optimize SIEM, IDS/IPS, EDR, and log management systems to continuously monitor for potential threats.

2. Incident Response
   Investigate, contain, and remediate cybersecurity incidents promptly, including malware infections, phishing attempts, and intrusion attempts.

3. Threat Analysis & Forensics
   Conduct root cause analysis, digital forensics, and threat hunting to understand attack vectors and prevent recurrence.

4. Vulnerability Management & System Hardening
   Perform regular vulnerability assessments, apply patches, and conduct system/network hardening to minimize attack surfaces and strengthen overall security posture.

5. Collaboration & Reporting
   Work with IT and relevant departments to implement defensive measures, improve detection rules, and generate actionable security reports.

6. Compliance Support
   Ensure defensive controls support ISO 27001 ISMS framework and data protection regulations.
   
   Qualifications:

7. Education: Bachelor’s degree in Information Technology, Computer Science, Cybersecurity, or related field.

8. Experience: 2–4 years of hands-on experience in Security Operations Center (SOC), incident response, or Blue Team operations.

9. Technical Skills:

   • Proficiency with SIEM tools (Splunk, QRadar, Elastic, etc.), IDS/IPS, firewalls, EDR/XDR.

   • Experience with application security and secure coding practices in Node.js and Laravel.

   • authentication/authorization mechanisms, and common API vulnerabilities (OWASP API Top 10).

   • Having knowledge of PostgreSQL and MySQL security best practices (hardening, query security, encryption, privilege management).

   • Strong understanding of network protocols, log analysis, and packet inspection.

   • Experience with vulnerability scanning tools (Nessus, OpenVAS, Qualys).

   • Familiarity with malware analysis, threat hunting, and digital forensics tools.

   • Knowledge of cloud security monitoring (AWS, Azure, GCP).

   • Having CompTIA Security+, CySA+, CEH (Blue Team track), GCIA, or similar certification, will be a plus point

10. Soft Skills: Analytical mindset, problem-solving under pressure, effective communication, teamwork, and adaptability.