Job Purpose/Mission/Summary

A Security Analyst will be part of a team that continuously monitors for alerts, manages event queues, creates and/or triages security incidents, and monitors the health of security sensors and endpoints. They will assist other Security Analysts/Engineers and other Operation teams to resolve alarms, events, or incidents. They will analyze incidents for potential problems and trends by correlating data from various sources and threat intelligence. They will also be responsible for determining whether an incident is a critical system or privacy issue. They will provide suggestions on ways to improve autonomous methods for detecting and responding to threats. They will be responsible for documenting new runbooks and procedures as well as other operational incident documentation. They will also be required to develop daily, weekly, and monthly status reports. They will be required to stay abreast of new technology and global threats. This position is responsible for interaction with employees around the world.
A successful candidate will have some experience with security operations and tools, with deeper experience with either server, networking or cloud systems. They must be willing to share knowledge with and develop other analysts to improve the knowledge of the overall team.
Key Tasks:
- Monitor alerts and events in security management systems
- Monitor network intrusion detection and prevention systems
- Perform data collection and enrichment for context on any necessary alarms, events, or incidents
- Create security incidents and associated tickets
- Manage security requests and incidents
- Document and maintain security operation procedures
- Collaborate with other operation teams on tabletop exercises and to resolve any potential threats or issues
- Plan, implement and upgrade security measures and controls
- Recommend and install appropriate tools and countermeasures
- Analyze alarms, events, requests, incident and risk trends
- Analyze security breaches to determine their root cause
- Gather and review threat intelligence globally
- Perform and review penetration testing of applications and infrastructure
- Other duties as assigned

Requirements and Skills:
- Bachelor's degree in Computer Science or related field with 2+ years of Security Operations or 5+ years of Information Technology experience
- Experience with IT Service Management (ITSM) and the ITIL Framework
- Excellent analytical and problem-solving skills
- Excellent organizational, communication, documentation and project management skills
- Proven ability to manage multiple priorities and drive continuous improvement
- Ability to work well independently or with a team
- Familiarity with and general understanding of security and privacy concepts
- Knowledge of Operational Processes (Incident, Change, Problem)
- Knowledge of programming languages (Python, Java or PHP)
- Knowledge of penetration testing of applications and infrastructure
- Knowledge of Windows, UNIX and Linux operating systems
- Knowledge of networking systems
- Knowledge of cloud systems
- Updates job knowledge by participating in educational opportunities, reading professional publications, maintaining personal networks, and participating in professional organizations
- Ability to adapt to rapidly changing environments

Certifications of Interest:
- CompTIA + Certifications (Network, Security, CySA)
- ITIL Certification
- CISSP: Certified Information Systems Security Professional
- GSEC: SANS GIAC Security Essentials