Description
The Security Operations team is looking for an experienced Cyber Security Analyst with a strong passion for information security and a burning desire to learn.
This individual will participate in security monitoring and active investigations, respond to security incidents, and perform forensics on IT systems.
We value strong technical expertise combined with a relentlessly curious nature, applied to investigating and analyzing large sets of data.
Essential Key Responsibilities/Job Summary:
1. Incident Response activities: drive security operations analysts' activities, communicate with Security and Technology management, and document investigation activities.
2. Process Improvement: Execute, develop, and document Incident Handling Guides and processes.
3. Malware Analysis: Analyze and interpret malware, exploit, and insider threat activities.
4. Forensics: Perform forensic analysis on cloud, memory, disk, and other system and network artifacts to identify indicators of compromise.
5. Cloud: Manage alerts related to cloud platforms including GCP and AWS and perform IR activities on cloud resources.
6. Alerts: Analyze and tune security alerts and interpret events, as well as develop new alerts based on signatures and behavioral activities.
7. Identify Gaps: Investigate and document gaps in controls and event data, and work with internal teams to resolve them.
8. Reporting: Develop monthly reporting dashboards on incidents and response capabilities, engage with business leaders on relevant threat/risk issues.
Education/Experience and Competencies:
1. Minimum 5 to 9 years of information security experience, specifically around incident response, malware analysis, and technical investigations.
2. Working knowledge of common operating systems (Windows, Linux, etc.) and basic endpoint security principles.
3. Working knowledge of cloud platforms, including GCP and AWS.
4. Knowledge of common networking services and protocols.
5. Experience with common security technologies (IDS, Firewall, SIEM, etc.).
6. Strong written and oral communication skills, with the ability to explain technical ideas to non-technical individuals at any level.