Security Analyst

Overview

The role is to provide an effective and proactive response to cybersecurity-related events and incidents to protect QBE’s assets and services. The role will support business stakeholders in the event of a security incident, and support incident management and escalation processes to the appropriate incident management teams. We are looking for Tier 1 level support that will investigate a diverse set of alerts. The role should adapt to any changes in security operations to comply with various business requirements.

Responsibilities

• Be part of a globally distributed team (24x7) that will use several security tools (e.g., SIEM, email triage platform, cloud security tooling, EDR solutions, etc) to investigate suspicious events.
• Proactively monitor and respond to suspicious or true positive incidents across our security platforms.
• Perform initial incident analysis of various security alerts by analysing and investigating security-related logs harvested from various security signals.
• Provide recommendations and initial assessments to Tier 2 resources for deeper analysis and triage.
• Perform timely escalation of cybersecurity incidents to Tier 2 resources and incident responders using incident management tools and other available channels.
• Conduct research using various proprietary and open-source tools to identify current and emerging threats and risks to QBE.
• Provide assessment and recommendations to mitigate potential threats or suppress any occurring false positive alerts.
• Perform ad-hoc tasks and completion of goals relating to ongoing projects and initiatives.
• Generating reports and providing insights on the efficacy of the current security tools, incident responses, procedures, and other security-related information.

Required knowledge and skills

• Bachelor\'s degree in computer science, programming, or IT-related field. Fresh graduates are welcome to apply.
• The ability to work in a fast-paced and time-sensitive role.
• Be able to communicate effectively and update various stakeholders globally.
• Proactive, analytical, and able to solve complex investigations.
• Understanding of known threat actors, techniques, and procedures that modern attackers use to compromise organisations.

Advantage (not required)

• 1-3 years relevant security experience performing similar duties in a Security Operation Centre, Cybersecurity, and other IT-related fields.
• Advanced training or certifications (e.g., ISC2, ISACA, SANS, Azure, etc.)
• Knowledge of security solutions and technologies like Windows, Linux, IPS/IDS, Firewalls, Email gateways, proxy technologies, cloud solutions, endpoints, and mobile devices.
• Ability to perform correlations and analytics with diverse types of logs (network, active directory, database, DNS, firewalls, proxies, host-based security, cloud, and applications logs).

Benefits

• Be part of a global team and enrich your cybersecurity technical skills from subject matter experts.
• Tailored professional development.
• Exclusive access to industry-leading training platforms.
• Opportunity to get firsthand experience across industry-leading security tools.
• We are a team that values diversity and inclusion.

QBE Cultural DNA

• Everything we do at QBE is underpinned by our DNA (seven cultural elements): customer-focused, technical experts, inclusive, fast-paced, courageous, accountable, and a team approach. All employees are expected to adhere to QBE’s Code of Ethics and Conduct and apply sound risk management practices.

Disclaimers and notices

• The Global Disclaimer: The duties listed in this job description do not limit the assignment of work and are not a complete list of duties normally to be performed. Our Group Code of Ethics and Conduct provides guidance to help us make good judgement calls.

General information

• Responsibilities and qualifications reflect the needs of the role and may be adjusted as the security program evolves.

Equal Employment Opportunity: QBE is an equal opportunity employer and is required to comply with equal employment opportunity legislation in each jurisdiction it operates.

#J-18808-Ljbffr

---