Information Security Analyst II

About The Position

Requirements

• 5+ years of experience in information technology.
• 2+ years working in a security operations center (SOC), a cybersecurity operations center or on a cybersecurity incident response team.
• High School Diploma or equivalent (GED)
• Experience collecting, organizing, and analyzing security data from enterprise monitoring tools, including SIEM, IPS, NAC, vulnerability scanners, Windows/Linux system logs, network scanners, log aggregation platforms, and EDR solutions.
• Experience with vulnerability management and penetration testing concepts and activities.
• Knowledge of MITRE ATT&CK framework.
• Professional Certification(s): ISC2 CISSP Certification, Microsoft Azure, Cisco, CompTIA, Security+, GSEC, or other relevant industry certification.

Responsibilities

• Be an initial triage point for all security-related tickets that come into the team's multiple queues (including triage, containment, and remediation).
• Understand the basic incident response lifecycle and the analytical mindset needed when it comes to triage and investigations.
• Excel at documentation and detailed notetaking, including SOP writing, incident reporting, email and instant messaging etiquette, and most importantly, documenting incident actions.
• Collect and analyze log data from complex, virtualized, multi-site computing environments and SNHU's technology ecosystem.
• Conduct real-time monitoring of security events from multiple sources and use analytical and problem-solving skills to identify, triage, analyze, investigate, and escalate information security events and alerts.
• Analyze digital evidence to identify indicators of compromise, adversary activity, root cause, incident timelines, and attack vector(s).
• Perform incident response activities like endpoint isolation, malware remediation, forensic analysis, malware analysis, community member interviews, and network traffic analysis.
• Perform investigation and escalation for complex or high severity security threats or incidents.
• Coordinate information security incident response according to SNHU's Information Security Incident Response Plan.
• Communicate with partners, in a non-technical manner, at all organizational levels as part of incident response and remediation activities.
• Design and implement or monitor information security incident remediation plans.
• Design, configure, deploy, and manage security tools (e.g. Splunk, Halcyon, Microsoft Defender, Tenable).
• Design, deploy, and manage detections and alerts for specific or common threat conditions.
• Design and implement standard operational processes for handling common incident types.
• Maintain automation scripts and other tools to enhance security operations effectiveness.
• Familiarity with enterprise security tools like Splunk, Tenable, Proofpoint tools, Microsoft Defender components, Office 365 tools, PowerShell, and multiple network tools.
• Demonstrate a deep source of ethics, integrity, and confidentiality.
• Can remain calm and function at the highest level during a crisis.
• Remain up to date on latest threat intelligence.
• Develop strategies and solutions that improve or mitigate the risks associated with these threats.
• Work cross-functionally across ITS and all SNHU departments to provide support, guidance, and technical implementations to include triage, containment, and remediation when applicable.
• Provide customer support according to SNHU's Core Values and understand how and when to escalate potential issues.
• Help with risk management, vulnerability management, security assessment, auditing, and security authorization projects, as directed by the university's Information Security Management team.
• Provide coaching/mentoring to junior analysts.
• Other duties and responsibilities as assigned.

Benefits

• High-quality, low-deductible medical insurance
• Low to no-cost dental and vision plans
• 5 weeks of paid time off (plus almost a dozen paid holidays)
• Employer-funded retirement
• Free tuition program
• Parental leave
• Mental health and wellbeing resources