Primarily responsible for executing the security event assessment of security events from SIEM reporting systems, identify threats to our environment, remediate security threats and recovery of systems from security incidents.
Works closely with Level 2 & Level 3 team towards the continuous improvement of the service.
Responsible to ensure that all applications are functional and secure (IT security, Application Security and Information Security).
Perform real time security monitoring and incident response activities across the global networks, leveraging a variety of tools and techniques.
Detect incidents through use cases, threat intelligence and hunting process across security-relevant data sets.
Recommend new, repeatable methods for finding malicious activities.
Ensure all standards including Security Incident Response Process and guidelines are followed.
Must be able to communicate effectively with individuals at all levels of the organization.
Provides correlation and trending of critical cyber incident activity.
Improving the service level for security operations and monitoring.
Creating and maintaining system documentation for security event processing.
Author Standard Operating Procedures (SOPs) and training documentation.
Analyze incident indicators and tactics, techniques, and procedures (TTPs) to identify tools, provide context and severity.
Manage and maintain security tools to increase incident response efficiency.
Improve ability to detect and respond to intrusions.
Help create and maintain process and tools documentation.

Requirements

Bachelor’s Degree from four-year college or university in Information Technology, Information Security/Assurance, Engineering or similar area of study required.
Prefer 1-2 years SOC/ Information Security experience.
Prefer Experience working as part of globally distributed teams.
Prefer 1-2 years Managed Services experience.
Prefer 1-2 years Azure Cloud security experience.
Prefer 1-2 years MS Sentinel experience.
Prefer 1-2 years EDR technologies experience.
Preferred candidates will have one or more certifications in Security/Networking including Security+, GSEC, GCIA, GCIH, or other security specific vendor/product certifications.
Proven ability to make decisions and perform complex problem solving activities under pressure.
Sharp analytical abilities and the ability to make sound decisions quickly are required.

Benefits

Health & Welfare Benefits: Comprehensive plans tailored to your needs, effective from day one.
Retirement Savings: Robust programs to help you secure your financial future.
Employee Discounts: Access to a wide range of discounts on merchandise, services, travel, and more.
Career Growth Opportunities: Paths for advancement within a global organization.
Paid Training: Learn while you earn with award-winning learning platforms.
Paid Time Off: Competitive PTO packages to help you recharge.
Great Work Environment: Join an award-winning culture that values diversity and inclusion.

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools

security event assessmentincident responsethreat intelligencemalicious activity detectionsecurity monitoringcyber incident analysisincident indicators analysisTTPs analysisprocess documentationSOP authoring

Soft Skills

effective communicationproblem solvinganalytical abilitiesdecision makingteam collaborationservice improvementdocumentation skillsadaptabilityattention to detailtime management

Certifications

Security+GSECGCIAGCIHsecurity specific vendor certifications