Security Operations Analyst


This is an exciting time for our Information Security team. In this position you will be an integral part of a developing enterprise Information Security Program. Your focus will be on security threat identification and incident escalation activities, as well as working with engineers to design and implement more effective security monitoring solutions. As a Senior Security Operations Analyst, you will be exposed to all areas of information security operations and engineering as we continue to build our program.

Responsibilities

  • Own incident response efforts/escalations.
  • Help to train and support NOC staff on tier 1/2 SOC responsibilities.
  • Monitor and interpret data from a number of security monitoring platforms (e.g. IPS/IDS, Next-Gen Firewall, Anti-Virus, Vulnerability Scanner, etc.).
  • Research and analyze security event data to identify potential security incidents using SIEM technology.
  • Test and refine incident response processes and procedures.
  • Monitor public security advisories and alerts for information related to threats and vulnerabilities and help to build additional threat intelligence capabilities.
  • Drive efforts to improve and further build out the security monitoring tools.
  • Maintain knowledge of current security trends and be able to clearly communicate them to the team.
  • Document all incident analysis and response activity in a structured ticketing system.
  • Perform threat hunting and basic penetration testing.
  • Support information security engineering/architecture team.

Requirements

  • Advanced English communication skills (B2+).
  • Bachelor of Science in CIS/MIS/CS/CE, Engineering/Technology or related field, or equivalent experience/training.
  • 6-8 years working within Information Technology and 4-6 years specifically in a security operations or threat/vulnerability management role.
  • Must be well organized, thrive in a sense-of-urgency environment, leverage best practices, and most importantly, innovate through any problem with a can-do attitude.
  • Must have experience using and building SIEM technologies and creating, tuning and responding to detections and alerts.
  • CISSP, GSEC, GCIH, GCED, GCFA, GCFE, GMON certifications.
  • Experience with process automation using Python, PowerShell, etc.
  • Expert understanding of information security concepts, protocols, and industry best practices.
  • Strong understanding and experience in the incident response process, packet analysis and forensic investigation techniques.
  • Experience with penetration testing tools and methodologies and the ability to conduct light red-teaming exercises.
  • Experience monitoring and securing public cloud technologies such as AWS and Azure.
  • Hands-on experience with security technologies from the following preferred vendors: Splunk, Palo Alto Networks Firewalls, Proofpoint, Carbon Black.
  • Experience with internal security assessments/reviews.
  • Experience administering both Windows and Linux systems.
  • Understanding of networking concepts and database technologies.
  • Experience with application security concepts and methodologies.
  • Experience with MDM solutions and SaaS/IaaS security.