This is an exciting time for our Information Security team.
In this position you will be an integral part of a developing enterprise Information Security Program.
Your focus will be on security threat identification and incident escalation activities, as well as working with engineers to design and implement more effective security monitoring solutions.
As a Senior Security Operations Analyst, you will be exposed to all areas of information security operations and engineering as we continue to build our program.
**Your primary duties and responsibilities will include**:
- Own incident response efforts/escalations
- Help to train and support NOC staff on tier 1/2 SOC responsibilities
- Monitor and interpret data from a number of security monitoring platforms (e.g. IPS/IDS, Next-Gen Firewall, Anti-Virus, Vulnerability Scanner, etc.)
- Research and analyze security event data to identify potential security incidents using SIEM technology
- Test and refine incident response processes and procedures
- Monitor public security advisories and alerts for information related to threats and vulnerabilities and help to build additional threat intelligence capabilities
- Drive efforts to improve and further build out the security monitoring tools
- Maintain knowledge of current security trends and be able to clearly communicate them to the team
- Document all incident analysis and response activity in a structured ticketing system
- Perform threat hunting and basic penetration testing
- Support the information security engineering/architecture team
**QUALIFICATIONS**:
**Minimum Qualifications**:
- Bachelor of Science in CIS/MIS/CS/CE, Engineering/Technology or related field or equivalent experience/training
- Advanced English communication skills (B2+)
- 6-8 years working within Information Technology and 4-6 years specifically in a security operations or threat/vulnerability management role
- Must be well organized, thrive in a sense-of-urgency environment, leverage best practices, and most importantly, innovate through any problem with a can-do attitude
- Must have experience using and building SIEM technologies and creating, tuning, and responding to detections and alerts
- Demonstrated oral/written communication and client-facing skills
**Preferred Qualifications**:
- CISSP, GSEC, GCIH, GCED, GCFA, GCFE, GMON certifications
- Experience with process automation using Python, PowerShell, etc.
- Expert understanding of information security concepts, protocols, and industry best practices
- Strong understanding and experience in the incident response process, packet analysis and forensic investigation techniques
- Experience with penetration testing tools and methodologies and the ability to conduct light red-teaming exercises
- Experience monitoring and securing public cloud technologies such as AWS and Azure
**Additional Qualifications**:
- Experience with internal security assessments/reviews
- Experience administering both Windows and Linux systems
- Understanding of networking concepts and database technologies
- Hands-on experience with security technologies from the following preferred vendors: Splunk, Palo Alto Networks Firewalls, Proofpoint, Carbon Black
- Experience with MDM solutions and SaaS/IaaS security