Security Analysts (Documentation of Findings)

PHOTON
Kolkata | 3-9 LPA | Posted 28 Apr 2025
FULL TIME
SIEM
Cybersecurity
ticketing systems
Analytical Thinking

Job Description

  • Incident Documentation : Review security incidents and vulnerabilities, documenting all findings clearly and accurately. Ensure that findings are categorized, prioritized, and assigned appropriate severity levels.
  • Security Reporting : Prepare detailed reports on security issues, including root cause analysis, impact assessments, and recommended remediation actions. Reports should be tailored to different stakeholders, from technical teams to executive leadership.
  • Tracking and Follow-up : Maintain a clear and organized system for tracking open findings, vulnerabilities, and remediation efforts. Follow up regularly to ensure issues are being addressed in a timely manner.
  • Collaboration with Teams : Work closely with Security Operations, Threat Intelligence, and IT teams to gather relevant data, understand technical details, and ensure comprehensive documentation of findings.
  • Continuous Improvement : Assist in refining documentation processes, templates, and reporting standards to improve efficiency and clarity.
  • Knowledge Sharing : Contribute to the development of an internal security knowledge base, documenting lessons learned, common vulnerabilities, and best practices for future reference.
  • Compliance Support : Ensure that all documentation complies with internal policies and external regulatory requirements (e.g., GDPR, HIPAA, PCI DSS).
  • Security Tools Utilization : Use security tools and platforms (such as SIEM, ticketing systems, vulnerability management tools) to document and track findings.

Required Skills and Qualifications:

  • Education : Bachelor's degree in Cybersecurity, Information Technology, Computer Science, or related field (or equivalent work experience).
  • Experience : 2+ years of experience in cybersecurity, with a focus on incident documentation, analysis, or reporting.
  • Technical Knowledge : Familiarity with common security threats, vulnerabilities, and security frameworks (e.g., OWASP, NIST).
  • Strong Writing Skills : Exceptional written communication skills with the ability to document complex technical issues clearly for both technical and non-technical audiences.
  • Attention to Detail : Ability to review and document security findings meticulously, ensuring accuracy and clarity.
  • Familiarity with Security Tools : Experience with security tools like SIEM (Security Information and Event Management), vulnerability scanners, ticketing systems (Jira, ServiceNow, etc.), and similar platforms.
  • Analytical Thinking : Ability to analyze complex security incidents and break them down into understandable documentation, identifying root causes and trends.
  • Problem-Solving : Proactive in identifying gaps in documentation processes and recommending solutions to enhance clarity, consistency, and effectiveness.

Desired Skills:

  • Certifications : Certifications such as CompTIA Security+, Certified Information Systems Security Professional (CISSP), Certified Ethical Hacker (CEH), or similar are a plus.
  • Knowledge of Regulatory Standards : Familiarity with industry regulations and compliance standards such as GDPR, HIPAA, PCI DSS, and ISO/IEC 27001.
  • Security Operations Knowledge : Exposure to Security Operations Center (SOC) environments or incident response teams.
  • Experience with Threat Intelligence : Understanding of threat intelligence concepts and how to document emerging threats and vulnerabilities.