Job Description
The Colombo Stock Exchange (CSE) and its subsidiaries are licensed as Market Institutions by the Securities and Exchange Commission of Sri Lanka (SEC) under the SEC Act No. 19 of 2021. The CSE Group provides services to a wide array of stakeholders, including the Trading Participants, Listed Entities, Depository Participants and Clearing Members as a capital market infrastructure provider.
ANALYST - CYBER SECURITY
Rajagiriya
A key role in monitoring networks for potential threats, implementing software to protect against online vulnerabilities, documenting security breaches, and reporting issues. If you are interested in joining our team and meet the requirements below, this opportunity is for you!
Key Responsibilities:
- Conduct in-depth analysis and investigation of security incidents escalated by the Security Operations Centre (SOC) to determine impact, root cause, and remediation requirements.
- Provide recommendations to enhance SIEM use cases, detection rules, playbooks, and overall security monitoring effectiveness.
- Perform proactive threat hunting activities using SIEM platforms, EDR/XDR telemetry, network logs, and other security data sources to identify hidden or emerging threats.
- Develop and implement advanced detection queries, correlation rules, and threat detection logic to strengthen cybersecurity monitoring.
- Manage the end-to-end incident response lifecycle, including triage validation, investigation, containment, eradication, recovery, and post-incident analysis.
- Lead post-incident reviews and lessons-learned sessions to enhance incident response processes and organizational resilience.
- Perform advanced log analysis and correlation across multiple systems, including servers, endpoints, applications, and network security devices, to identify attack patterns and malicious activities.
- Support the implementation and enhancement of cybersecurity controls, processes, and technologies.
Key Requirements:
- Bachelor's Degree in Information Technology, Cyber Security, or a related field.
- Professional cybersecurity certifications (e.g., CEH, SSCP, or equivalent) will be an added advantage.
- Minimum of three years’ experience in Cyber Security Operations, Incident Response, Threat Analysis, or SOC environments.
- Strong technical expertise in SIEM technologies, security monitoring, threat detection, and incident response.
- Excellent analytical, investigative, and problem-solving skills with the ability to manage complex security incidents.
- Strong communication and stakeholder management skills, with the ability to work effectively in a fast-paced environment.
- Proactive, self-motivated team player with a strong sense of accountability and attention to detail.