Digital Security Fellowship | Security Operations Center (SOC) Analyst

Are you interested in digital security? Do you have the drive to detect, analyze, and respond to cyber threats? Are you eager to up-skill your knowledge and experience to support organizations? If you’re ready to take your expertise as a SOC Analyst to the next level, this opportunity is for you!

JOSA is open to host two talented youth for a six months fellowship, April – October 2025, which aims to enhance fellows expertise in threat detection and monitoring. Throughout the fellowship, participants will develop advanced skills in monitoring security alerts from various tools (SIEM, IDS/IPS, firewalls, endpoint security, etc.) to identify potential threats and vulnerabilities. They will learn to analyze logs, network traffic, and other data to detect anomalies, suspicious activities, and security incidents. Additionally, fellows will gain proficiency in maintaining and operating security monitoring tools and dashboards to ensure continuous visibility into IT systems.

For further details, check below Fellowship Details, Roles and Responsibilities, Eligibility and How to Apply, and Application Process!

Details about the Fellowship

• Duration: Six months
• Start date: April 6, 2025
• End date: October 5, 2025
• Monthly Stipend: 350 JOD
• Full-time fellowship with the flexibility to work remotely a couple of days per week, allowing for a balanced and adaptable work environment.
• Mentors and Supervision: Selected fellows will work under the direct supervision of an assigned mentor from JOSA's Digital Security team, ensuring personalized guidance and support throughout the fellowship.
• Monitoring and Evaluation: Fellows will actively participate in monitoring and evaluation activities to track progress and ensure continuous growth. These activities include submitting Monthly Knowledge and Achievement Reports, engaging in one-on-one follow-up meetings, completing a Fellowship Completion Self-Improvement Report, and providing feedback through Satisfaction Surveys, among others.

Role Overview

The SOC Analyst will be responsible for monitoring, detecting, and responding to security threats and incidents within the organization’s IT infrastructure. This individual will play a key role in safeguarding the JOSA’s sensitive data, systems, and networks while supporting security operations that are aligned with the JOSA’s mission and compliance requirements. This position requires a combination of technical skills, analytical thinking, and an understanding of the unique challenges faced by NGOs, such as limited resources and the need for effective, low-cost security solutions.

Key Responsibilities

1. Threat Detection and Monitoring:

• Monitor security alerts from various tools (SIEM, IDS/IPS, firewalls, endpoint security, etc.) and identify potential threats and vulnerabilities.
• Analyze logs, network traffic, and other data to detect anomalies, suspicious activities, and security incidents.
• Maintain and operate security monitoring tools and dashboards to ensure continuous visibility into the organization’s IT systems.
   

2. Incident Response:

• Investigate and triage security incidents, including analyzing root causes, assessing impact, and implementing mitigation steps.
• Respond to incidents promptly, coordinating with internal teams to contain and remediate threats.
• Document and report on security incidents and their resolution for internal review and post-incident analysis.
   

3. Vulnerability Management:

• Assist with regular vulnerability scanning and penetration testing to identify weaknesses in the organization’s systems.
• Support the patch management process by ensuring timely remediation of critical vulnerabilities.
• Track and report on vulnerabilities and assist in prioritizing remediation efforts based on risk.
   

4. Security Awareness and Training:

• Collaborate with other teams to educate staff on security best practices, such as recognizing phishing attempts and securing personal devices.
• Develop and promote security awareness programs to ensure staff members follow good security hygiene.
   

5. Compliance and Documentation:

• Support the organization’s compliance efforts (e.g., GDPR, NIST, PCI DSS) by ensuring security practices align with regulatory requirements.
• Maintain thorough documentation of security incidents, policies, and procedures for internal reference and external audits.
• Assist with reporting security posture to senior management and stakeholders.
   

6. Continuous Improvement:

• Stay up-to-date with the latest cyber threats, vulnerabilities, and security technologies.
• Evaluate new security tools, solutions, and practices to improve the organization’s security posture.
• Suggest and implement process improvements in incident response, monitoring, and threat detection.
   

7. Collaboration and Communication:

• Work closely with other IT and security team members to implement security measures across the organization.
• Coordinate with third-party vendors and partners to ensure secure data exchange and collaboration.
   

8. Security Tool Maintenance:

• Assist in configuring, fine-tuning, and maintaining security tools (e.g., SIEM, endpoint protection,
• network monitoring tools) to ensure they are operating optimally.

Qualifications

Education and Experience:

• Bachelor’s degree in Information Security, Computer Science, or a related field (or equivalent practical experience).
• At least 1-3 years of experience in a security operations or IT security role (NGO or non-profit experience is a plus).

Technical Skills:

• Familiarity with security monitoring tools such as SIEM (Security Information and (EventManagement) platforms (e.g., Wazuh, or similar).
• Understanding of network security principles, firewalls, VPNs, and intrusion detection/prevention systems (IDS/IPS).
• Experience with vulnerability scanning tools (e.g., Nessus, OpenVAS).
• Strong understanding of security best practices, including incident response and forensics.
• Experience with endpoint security solutions and tools (e.g., CrowdStrike, Symantec, Carbon Black).
• Familiarity with cloud security and basic knowledge of cloud platforms (AWS, Azure, GCP) is an asset.

Certifications (Preferred but not required):

• CompTIA Security+, Certified Information Systems Security Professional (CISSP), Certified Ethical Hacker (CEH), or other relevant certifications.
• GIAC Security Essentials (GSEC) or similar certification could also be valuable.

Soft Skills:

• Strong analytical and problem-solving abilities.
• Ability to communicate complex technical information to non-technical stakeholders.
• Strong attention to detail and ability to handle high-pressure situations effectively.
• Ability to work both independently and collaboratively in a team environment.
• Capacity for managing multiple tasks and priorities with a focus on delivering results.

Eligibility Criteria

To participate in this fellowship and be eligible to receive the above support, you must meet most of the following criteria. 

• Fellows should be based in Jordan.
• Demonstrated interest in implementing at least one newly gained skill to support organizations.
• Commitment to complete the full duration of the fellowship.

How to Apply and Application Process

To apply, please complete the Application form.

Any incomplete applications will not be considered. Kindly note that the last date to accept applications is February 23, 2025, at 11:59 PM.

What is the Application Process?

• The application review process will be completed between February 24 and February 27, 2025.
• Interviews will be scheduled between March 2 and March 13, 2025.
• Confirmation and rejection emails will be sent no later than March 2, 2025.