Information Security, Sr Analyst SecOps
Summary
The Information Security, Sr Analyst SecOps is responsible for maintaining confidentiality, integrity, and availability for all cyber security systems. This person will operate and maintain security software including but not limited to email security, endpoint detection and response (EDR), vulnerability management, security incident and event management (SIEM) and network detection and response (NDR). Analysts will maintain a daily checklist and create security incidents as appropriate for any findings. Analysts will also support the governance, risk, and compliance functions by monitoring security stack agents’ saturation. Finally, all actions performed by analysts will be recorded into the security incident software to ensure service level agreements are being met.
The Sr Analyst SecOps will need to demonstrate technical knowledge across different security principles and techniques, like: DLP, Vulnerability Management, EDR, Email Security, SIEM, Network Security, Encryption, and cybersecurity best practices. Ideally, this person will have strong knowledge and experience with security products like: Splunk, CrowdStrike, ZScaler, Qualys, Fidelis, Abnormal, Active Directory (AD) and Azure AD. They will also need to develop business knowledge during their tenure so that security strategies are met while providing the best user experience possible.
Essential Duties and Responsibilities include the following. Other duties may be assigned.
- Work with other IT Teams for vulnerability remediation and validation.
- Execute risk/threat-hunting activities.
- Perform security incident response activities.
- Evaluate, setup and configure security products.
- Administrate security products as part of day-to-day operations.
- Resolve security products issues that impact business operations.
- Review audit, security, and system logs and correlation with SIEM.
- Work on blue, purple, and red team exercises.
- Participate in change control meetings for evaluation of risk.
- Develop, document, and improve processes for security operations.
- Evaluate and identify security risks and report findings to management.
- Evaluate IOCs and TTPs from classified sources and extrapolate them for consumption into cyber defense tools.
- Contribute to assisting, training, and supporting other team members.
- Ensure all information security systems are operational and within SLAs.
- Track all security incidents and ensure items are being resolved within SLAs.
- Create reports and develop metrics and KPIs for cyber security tools.
- Stay up to date on trends and new tools in the security industry.
Qualifications
To perform this job successfully, an individual must be able to perform each essential duty satisfactorily with or without reasonable accommodations. The requirements listed below are representative of the knowledge, skill and/or ability required.
Education and/or Experience
Bachelor’s degree in information security, Information technology, Computer Science or other related technology degree. Industry certifications like (ISC)2CISSP, ISACA CISM, CompTIA Security+, CompTIA Network can also satisfy the education requirement. Experience with cyber security products (CrowdStrike, SentinelOne, ZScaler, Netskope, Splunk, Abnormal, Proofpoint, Fidelis, ExtraHop).
'/%3e%3cpath%20d='M101.744%2012.4726L102.894%2016.1947L99.0021%2013.2201L101.744%2012.4726ZM105.3%208.40937H100.488L99.0026%203.59473L97.5116%208.41047L92.7%208.40385L96.5965%2011.3834L95.1055%2016.1942L99.0021%2013.2196L101.408%2011.3834L105.3%208.40992V8.40937Z'%20fill='white'/%3e%3cdefs%3e%3clinearGradient%20id='paint0_linear_5593_1381'%20x1='90'%20y1='9.44471'%20x2='99'%20y2='9.44471'%20gradientUnits='userSpaceOnUse'%3e%3cstop%20stop-color='%2300AD70'/%3e%3cstop%20offset='0.998594'%20stop-color='%2300B67A'/%3e%3cstop%20offset='1'%20stop-color='%23DCDCE6'/%3e%3c/linearGradient%3e%3c/defs%3e%3c/svg%3e){kind=small}
job faster
