Security Analyst- IT
Typical Day in Role:
• Works as part of Cyber Automation & Defense (CAD) team and will be responsible for identifying security exposures in the organization’s network and advise on appropriate compensating controls.
• Works with other technology and security teams to develop use cases and implement controls needed to close exposures. The intent of the use cases is to detect and alert for security events.
• Thrives in a fast-paced environment coordinating multiple issues and threats that can be occurring simultaneously
• Solutions for multiple security domains (Security Management, Security Engineering, Identity and Access Management, etc.).
• Works on different types of projects (from large complex to simple)
• Collaborates with various business lines, IT support functions and IS&C Control function
• Analyze security exposures and identify the remedial and compensating factors in the organization’s network.
• Advise on appropriate implementation of compensating controls including priority and success criteria.
• Work with other technology and security teams to implement controls needed to close exposures.
Candidate Requirements/Must Have Skills:
1) 8+ years of hands-on technical working experience in management of security threats and use case development based on MITRE Framework
2) 2+ years’ experience in Google Security Command Centre (preferred) or Microsoft Defender
3) 2+ years’ experience building XDR content, securing databases/AIX/Unix/Linux/Mac
4) 2+ Experience building and running a TTTP framework methodology for pattern and behavior-based content development
5) 2+ years’ combined experience with involving red team (Vulnerability Assessments, Web app assessments), consulting (Compliance, policy creation), SOC and Device Management
• Bilingual in Spanish is a strong asset
• Experience conducting security research
• Experience with having sized, deployed, maintained, and hardened SIEM and NGFW solutions
Soft Skills Required:
• Has advanced communication (verbal/written/presentation) skills
• Strong problem-solving skills, collaborating across the organization to solve complex problems
• Strong team player – needs someone who can collaborate effectively
• Post-secondary education in Computer Science or in a related field
• Certifications (CISSP, CISM, CCSP, CRISC) are nice to have