- Analyze system-generated indicators to identify patterns that would alert to potential security incidents or threats
- Identify, clarify, investigate and (where appropriate) escalate circumstances of concern to incident managers
- Direct the work of junior analysts on shift in a 24/7 operations center to minimize intrusions and expedite threat mitigation
- Conduct additional discovery and forensic investigations under the direction of incident managers
- Evaluate escalated events of concern identified by junior analysts to determine scope of impact, severity and appropriate next steps
- Mentor, train and assist Analyst 1s and 2s
- Carry out assigned investigation analysis of technology audit recommendations
- Monitor and report on audit remediation efforts
- Provide regular updates to manager on project/account status
- Conduct complex investigative assignments demonstrating judgement in selecting methods and techniques to obtain creative solutions
- Working knowledge of current information security practices, trends, and technologies
- Education: Bachelor's degree in computer science or related field
- Work experience:
- 4 years of experience in Information Security, IT and/or Computer Science, including expertise in: SIEM, ServiceNow Application Development, attacker tactics and incident handling, and continuous monitoring
- These skillsets will be validated via an internal independent assessment (pass rate of 65%)
- Ability to recognize patterns of known security compromise from log information and identify new exploits when they present themselves
- Working knowledge of networking protocols and technologies
- Demonstrates experience working on ServiceNow Application Development including Script Includes, Business Applications, ServiceNow ACLs, Workflows, Update Sets, etc.
- Demonstrates experience with ServiceNow Service Portals
- Demonstrates experience integrating third party applications with ServiceNow
- Working knowledge of information security tools, technologies, threats, and practices
- Demonstrated experience with Windows and Linux operating systems, command line interfaces, and associated security concerns
- Demonstrated experience using a SIEM or data aggregation tool to analyze data sets and identify trends, anomalies, and actionable intelligence
- Working knowledge of IT organization patterns
- Strong professional written and oral communication skills
- Detail-oriented with the proven ability to follow instructions
- Works well with others, especially those in complementary roles
- Able to mentor and train junior analysts
- Ability to work effectively in a 24/7 environment
- Experience with Continuous Monitoring operations in an enterprise environment
- This job operates in a professional office environment
- To successfully perform the essential functions of the job there may be physical requirements which need to be met such as sitting for long periods of time and using computer monitors/equipment
- One or more of the following certifications: GSEC, GCED, GCDA, GCIA, GCIH, GMON
- Experience in a security operations center or within an enterprise information security program