Security Analyst - Cyber Security

The Programme

The role is to provide an effective and proactive response to cybersecurity-related events and incidents to protect QBE’s assets and services. 
 
In addition, the role will support business stakeholders in the event of a security incident, and support incident management and escalation processes to the appropriate incident management teams. 
 
We are looking for Tier 1 level support that will investigate a diverse set of alerts.  
 
The role should adapt to any changes in security operations to comply with various business requirements. 
 
Be part of a globally distributed team (24x7) that will use several security tools (e.g., SIEM, email triage platform, cloud security tooling, EDR solutions, etc.) to investigate suspicious events.

What You Will Do

  • Proactively monitor and respond to suspicious or true positive incidents across our security platforms.  
  • Perform initial incident analysis of various security alerts by analyzing and investigating security-related logs harvested from various security signals. 
  • Provide recommendations and initial assessments to Tier 2 resources for deeper analysis and triage. 
  • Perform timely escalation of cybersecurity incidents to Tier 2 resources and incident responders using incident management tools and other available channels. 
  • Conduct research using various proprietary and open-source tools to identify current and emerging threats and risks to QBE. 
  • Provide assessment and recommendations to mitigate potential threats or suppress any occurring false positive alerts. 
  • Perform ad-hoc tasks and complete goals relating to ongoing projects and initiatives. 
  • Generate reports and provide insights on the efficacy of the current security tools, incident responses, procedures, and other security-related information.

Required Skills and Abilities

  • Bachelor's degree in computer science, programming, or IT-related field.  
  • Fresh graduates are welcome to apply. 
  • The ability to work in a fast-paced and time-sensitive role. 
  • Be able to communicate effectively and update various stakeholders globally. 
  • Proactive, analytical, and able to solve complex investigations. 
  • Understanding of known threat actors, techniques, and procedures that modern attackers use to compromise organizations.

Advantageous, but not required, knowledge and skills:

  • 1-2 years relevant security experience performing similar duties working in a Security Operation Centre, Cybersecurity, and other IT-related fields. 
  • Advanced training or certifications (e.g., ISC2, ISACA, SANS, Azure, etc.) 
  • Knowledge of security solutions and technologies like Windows, Linux, IPS/IDS, Firewalls, Email gateways, proxy technologies, cloud solutions, endpoints, and mobile devices. 
  • Be able to perform correlations and analytics with diverse types of logs, i.e., network, active directory, database, DNS, firewalls, proxies, host-based security, cloud, and application logs.

About Us: 
 
We are an international insurer and reinsurer offering a diverse portfolio of commercial, personal and specialty products, as well as risk management solutions.  
 
Our product portfolio includes property, motor, crop, energy, marine and aviation.  
 
We employ a team of around 13,000 people in 27 countries around the world. 

Closed 16 days ago
  • Job type: Graduate Jobs
  • Disciplines:
    Cyber Security
  • Citizenships:
  • Locations:
    Manila
  • Closing Date: 11th Apr 2024, 6:00 pm
