Job Details – this job has expired, please see similar jobs below
The Company Global Information Security division (GIS) is looking for positive, qualified security specialists to join the Cyber Security Operations/Defense, Monitoring and Triage team.
The M&T team directly supports the Security Operations Center/Capability (SOC) by identifying, onboarding and optimizing level one processes so that the SOC can perform initial triage for other operational teams that ultimately own a control or process.
A strong customer relationship must be forged between partner operational teams in order to support legacy processes, as well as to identify new opportunities ongoing. A customer-service and consultant mindset is important so that there is a purposeful, proactive effort to help partners/customers discover opportunities in level one processes, whether that be through transfer of new work to the SOC, or the optimization of existing work through optimization, efficiencies, and automation.
This sort of operational excellence is achieved through the proactive analysis and measurement of SOC effectiveness via metric collection and pattern identification. Our primary mission is the monitoring and timely triage of security events, mastery of the technologies and information we analyze, maintaining expert-level knowledge of detection tools and techniques, and proper escalation of incidents for immediate response, containment and recovery.
We are looking for talented, well-rounded, self-motivated professionals who have a strong passion for cyber security, are exceptional written and verbal communicators, and have a serious desire to learn.
These individuals should be interested in being challenged on a daily basis to stay one step ahead of an ever-changing landscape of threats and adversaries.
We are also looking for individuals that are interested in working both collaboratively and independently to hunt down and identify anomalous and malicious activity, wherever it may be. Whether you are a seasoned cyber security professional or new to the field, we are looking for new team members to join us in defending our company as the first line of defense.
Responsibilities will include:
Effectively manage and lead SOC analysts
Ensure event triage is occurring on time
Ensure event triage is effective and accurate
Ensure capacity measurement is occurring and is within acceptable boundaries, allowing for burst capacity
Foster mentor relationships, based on personality and career aspirations, opportunities
Ensure Critical Thinking is being taught and utilized by SOC analysts
Assist SOC analysts in career development
Define and maintain new analyst on-boarding documentation and curriculum
Define and maintain training requirements
Assist in identifying any new processes the SOC can onboard
Maintain clear, consistent, accurate and dynamic documentation
Proactive relationship building and maintaining of existing relationships
Data pattern and trend identification via metric analysis, driving operational excellence and improvement
Maximize resource utilization (human, tools, etc) through data analytics
Quality Assurance, ensure tickets are triaged correctly
Training SOC analysts on new and updates processes and tools
Weekly On-Call rotation, escalation point for after-hour queries or assistance for SOC staff
Detailed analysis using a variety of tools and techniques to investigate, navigate, correlate and understand cyber security incidents to the fullest extent of the data available
Tuning of rules, filters and policies for detection-related security technologies to improve accuracy and visibility
Data mining of log sources to uncover and investigate anomalous activity
Maintaining documentation of playbooks and procedures
Proper escalation and hand-off of security incidents for response, containment and recovery
Effective communication in both written and verbal form of event findings, analysis, current state
Excellent verbal and written communication skills
Flexibility, comfortable with change
Fast typing skills
Exceptional organizational abilities and attention to detail
Critical thinking, seeing beyond face-value
The ability to think creatively to find elegant solutions to complex problems
The ability to work both independently and collaboratively within a larger team
A willingness to be challenged along with a strong appetite for learning
Basic knowledge of common operating systems (Windows, Linux, etc.) and basic endpoint security principles, networking services and protocols (TCP/IP, SSH, FTP, DNS, DHCP, SMTP, SSL, etc.)
Basic understanding of common security technologies (IDS, Firewall, SIEM, etc.)
3-5 years of experience in Cyber Security, Incident Response, or a related field
Prior experience detecting and analyzing security events and/or responding to security incidents
Demonstrated ability to analyze and correlate information from a wide variety of enterprise technologies
Hands-on experience with common security technologies (IDS, Firewall, SIEM, etc.)
Knowledge of common security analysis tools & techniques
Understanding of common security threats, attack vectors, vulnerabilities and exploits
Search query language basics (SQL, Splunk, etc)
Programming experience (Python, Perl, etc.)
Knowledge of regular expressions
Shift:1st shift (United States of America)
Hours Per Week: 40
Sign up and search through 66,691 curated jobs in the Finance & Investment Edition: