GTS Telecom is seeking a skilled and proactive Security Operations Analyst to join our dynamic Security Operations team. In this role, you will implement and manage cybersecurity solutions and platforms, and monitor, analyze, and respond to security events related both to GTS and to our customers that are contracting security services and solutions.
You will leverage your existing security knowledge and experience to contribute to the continuous improvement of our security posture and work collaboratively with other security professionals.
Key Responsibilities (covering both the GTS area and the security-related products and services delivered to our customers):
- Implement and manage security solutions with the support of the GTS teams and its partners.
- Monitor security alerts and events from various security tools (SIEM, IDS/IPS, endpoint security, cloud security platforms, etc.) and perform in-depth analysis to identify potential threats.
- Investigate and triage security incidents, following established procedures and escalating complex issues as necessary.
- Participate in the development and refinement of incident response playbooks and procedures based on lessons learned and evolving threats.
- Actively participate in security incident response activities, including containment, eradication, and recovery efforts.
- Contribute to the development and maintenance of security monitoring rules, alerts, and dashboards within our security tools.
- Perform vulnerability assessments and assist in the remediation of identified vulnerabilities.
- Analyze security logs and network traffic to identify suspicious activity and potential security breaches.
- Stay up-to-date with the latest security threats, vulnerabilities, and attack techniques, and proactively recommend security enhancements.
- Contribute to the creation of security reports, metrics, and presentations for technical and non-technical audiences.
- Collaborate with the Security Operations team and other IT teams to implement and maintain security controls and best practices.
- Participate in security projects and initiatives.
Qualifications & Experience:
- Bachelor's degree in Computer Science, Information Security, or a related field (or equivalent practical experience).
- Minimum of 2 years of experience in a similar security analysis role.
- Good understanding of networking concepts (TCP/IP, DNS, HTTP, etc.) and network security principles.
- Good knowledge of operating systems (Windows, Linux) and their security mechanisms.
- Hands-on experience with various security tools and technologies, including SIEM platforms (e.g., Sentinel, Splunk), IDS/IPS, endpoint security solutions, and vulnerability scanning tools.
- Proven ability to analyze security alerts, identify false positives, and escalate genuine threats effectively.
- Experience in investigating and responding to security incidents, including malware analysis and forensic techniques.
- Understanding of cloud security concepts and experience securing cloud environments (AWS, Azure, GCP).
- Strong analytical, problem-solving, and critical thinking skills.
- Ability to work independently and collaboratively within a team environment.
- Proactive and self-motivated with a strong desire to learn and grow in the cybersecurity field.
Desirable Skills & Certifications:
- Relevant security certifications such as CompTIA Security+, CySA+, CEH, or vendor-specific certifications.
- Experience with threat intelligence platforms and utilizing threat intelligence in security operations.
- Familiarity with security frameworks and standards (e.g., NIST CSF, ISO 27001, NIS, DORA).
- Familiarity with common attack vectors and mitigation techniques.