
About the Organisation
Ecobank Ghana is a leading financial institution and part of the Ecobank Group. The bank serves corporate, SME, and retail customers with innovative financial solutions, supported by robust technology and risk management practices.
Senior Cyber Security Operations Analyst (L2) job at Ecobank Ghana | Apply Now
Accra, Ghana
Are you looking for IT jobs in Ghana 2025 today? Then you might be interested in the Senior Cyber Security Operations Analyst (L2) job at Ecobank Ghana.
Full Time
Deadline: 27 Aug 2025
Job Title
Senior Cyber Security Operations Analyst (L2) job at Ecobank Ghana
Ecobank Ghana
Job Description
The Senior Cyber Security Operations Analyst (L2) is a hands-on technical and supervisory role within the Security Operations Center (SOC). The role leads escalations from L1, conducts advanced SIEM monitoring and analysis, performs proactive threat hunting, and coordinates containment, eradication, and recovery activities for incidents. The analyst ensures continuous 24x7 monitoring coverage, tunes and engineers SIEM correlation rules, integrates security telemetry from critical systems, and produces timely metrics and reports (KPIs/KRIs). The position mentors SOC analysts, enhances processes and playbooks, supports compliance monitoring, and recommends improvements to security architecture, policies, and procedures. The role reports to the SOC Manager and collaborates across Infrastructure, Applications, Risk, and Business teams.
Duties, Roles and Responsibilities
Qualifications, Education and Competencies
See all details of the qualifications, competencies and education for this role under the "How to Apply" section below.
ONLY ONLINE APPLICATIONS:
Interested and qualified candidates are advised that all applications should be submitted online.
To apply please click on the APPLY button below.
Find application details and links on the AfriCareers Jobs Portal:
- Click the Apply button below
- New users: Select Create Profile and complete the Profile Creation Wizard
- Existing users: Log in and update your profile if needed
- Go to the "Jobs" tab
- Read the detailed job description, Roles and Qualifications.
- Submit your application via the jobs portal
- Track progress under "My Applications" tab
Important Note: Some employers now hire directly on the AfriCareers New Jobs Portal — keep your profile updated so employers can easily view your CV and hire you instantly.
How to Apply
Supervise and mentor L1 analysts; act as escalation point for complex incidents.
Monitor, analyse, and triage security events in the SIEM; investigate IOCs and anomalous behaviors.
Execute and coordinate incident response across all phases (preparation, identification, containment, mitigation, remediation, lessons learned).
Conduct proactive threat hunting across varied data sources (endpoints, network, cloud, email, identity).
Enforce and monitor compliance requirements; escalate violations for immediate remediation.
Engineer and tune SIEM use-cases/correlation rules; perform health checks of SIEM components and data pipelines.
Integrate new security technologies and critical business applications into the SIEM (with approvals).
Provide Tier-2 support for security tooling (AV/EDR, IDS/IPS, vulnerability management, Windows/Linux/UNIX, email, proxies, firewalls, identity, DLP, MFA).
Use the service desk/ticketing system for workflow, escalation, and documentation; ensure accurate records.
Produce daily/weekly/monthly dashboards and reports on threats, incidents, KPIs, and risk trends.
Perform internal/external vulnerability scans and validate remediation effectiveness.
Share knowledge, deliver training, and contribute to SOC process and playbook improvements.
Bachelor’s degree in Computer Science, Computer Engineering, Cyber Security, Forensics, Information Technology, or related field (Master’s is a plus).
5+ years’ experience in IT and/or Cyber/Information Security; at least 2 years in security monitoring (log/event management, compliance monitoring, vulnerability scanning, ITIL/ISO).
Minimum 1 year experience with full-packet-capture products.
Strong knowledge of OS, TCP/IP, ports/protocols (HTTP, DNS), intrusion detection/prevention, web app security, DLP, MDM.
Familiarity with frameworks: Cyber Kill Chain, Diamond Model, MITRE ATT&CK, NIST IR.
Understanding of incident handling phases and SOC best practices.
Experience with ticketing systems and thorough incident documentation.
Knowledge of industry standards and regulations (e.g., PCI-DSS, NIST 800-53/82, ISO 27001).
Tooling exposure: firewalls, proxies, IDS/IPS, FPC, email security, access control, encryption, DLP, MFA, IAM/IDP, endpoint security, SIEM.
Demonstrated phishing threat analysis experience.
Required certifications: CISSP, CISM and/or CISA.
Additional certifications (plus): GCIA, GCIH, CEH, CFCE, OSCP, SANS, CRISC, CHFI, etc.
Strong analytical/problem-solving, communication, presentation, and stakeholder management skills.
High integrity, attention to detail, ability to multitask and perform under pressure in a 24x7 environment.






