Information Security Operations Analyst

About The Position

Requirements

• 1-2 years of experience working in a security operations center or similar environment triaging cybersecurity incidents.
• Microsoft Certified: Security Operations Analyst Associate certification, the CompTIA CySA+, the GIAC SOC, or an equivalent certification or experience.
• Ability to understand and practice the CIA Triad of Confidentiality, Integrity, and Availability in all aspects of their job duties.
• Ability to install software and maintain and secure their own computing devices and tools.
• Familiar with the Microsoft Windows family of operating systems and at least one Linux or Unix distribution (Ubuntu, Kali, macOS, etc.).
• Experience with capturing and analyzing network packets.
• Strong understanding of modern networking and the Open Systems Interconnect model and 5-tuple.
• Must possess strong documentation skills for the purposes of forensic analysis.
• Ability to work under pressure and quickly handle multiple security incidents simultaneously.
• Must be detail oriented and thorough.
• Ability to compartmentalize sensitive information and employ the philosophy of need-to-know in all communications and disclosures.
• Ability to work independently and with minimal supervision within their assigned job duties without affecting quality, thoroughness, or timeliness.
• Must be flexible and adapt to changing conditions and multiple priorities on a regular basis.

Nice To Haves

• Experience with Microsoft security solutions like Defender XDR, Sentinel, and Intune are preferred.
• Experience with Tenable One Exposure Management Platform or Nessus Vulnerability Scanner is a plus.
• Experience with securing cloud environments like Microsoft 365, Microsoft Azure, and Amazon Web Services is a plus.

Responsibilities

• On a constant, daily basis throughout their scheduled shift, review Microsoft Defender and Microsoft Sentinel tools for potential cyber threats like malware infections, phishing attempts, and unauthorized access.
• Document suspected threats within incident handling logs, triage the threat, report the threat to the Senior Security Operations Analyst or the Director of Information Security, and investigate the threat as directed.
• On nights and weekends, respond to high priority threats escalated to the Information Security Team by Peckham’s managed threat detection and response partner, Critical Start. These incidents average 1-2 per week.
• As guided by the Director of Information Security, assist the Senior Security Operations Analyst with using Tenable and other tools to identify new software and hardware vulnerabilities affecting Peckham’s information systems, prioritize the vulnerabilities, and report them to the appropriate remediation team(s).
• Track remediation progress and report status to the Director of Information Security.
• As needed, assist the Senior Security Operations Analyst with open incident investigations and response actions.
• In the absence of the Senior Security Operations Analyst, assume primary responsibility for cyber threat detection and response activities.
• As requested by and under the guidance of the Director of Information Security, the Security Operations Analyst will perform various tasks associated with the implementation of information security-related projects.
• Continuously gather threat intelligence via multiple sources like email lists and social media to stay aware of threats and risks to Peckham.
• Utilizing training opportunities provided by Peckham, commit to continuous improvement of cybersecurity skills through training and certification.
• Maintain a safe and clean work environment.
• Promote Peckham’s vision values and services to all customers and stakeholders.
• Assist in maintaining organizational wide quality standards.
• Other duties as assigned.

Benefits

• generous PTO policies
• modern facilities
• pet friendly work sites
• free fruit
• fitness classes
• massages available for purchase
• opportunities for flexible work arrangements