Senior Information Security Analyst (Remote)

First American•Santa Ana, CA

2d•Remote

About The Position

Who We Are Join a team that puts its People First! Since 1889, First American (NYSE: FAF) has held an unwavering belief in its people. They are passionate about what they do, and we are equally passionate about fostering an environment where all feel welcome, supported, and empowered to be innovative and reach their full potential. Our inclusive, people-first culture has earned our company numerous accolades, including being named to the Fortune 100 Best Companies to Work For® list for ten consecutive years. We have also earned awards as a best place to work for women, diversity and LGBTQ+ employees, and have been included on more than 50 regional best places to work lists. First American will always strive to be a great place to work, for all. For more information, please visit www.careers.firstam.com. What We Do Responsible for supporting the Information Security awareness program initiatives, including protecting information and information systems from unauthorized access, use, disclosure, disruption, modification, perusal, inspection, recording or destruction. What You’ll Do Acting as a technical analyst in developing processes to proactively monitor, detect, and respond to security threats, including the ongoing refinement and enhancements of security controls and configurations for security monitoring systems. Monitor information security systems, alerts and indicators of compromise used to protect the network from attacks and identify compromised systems. Work proactively to identify, develop, and implement incident response processes and procedures to mitigate security risks. Work with a Managed Security Services Provided (MSSP) to respond to escalated security incidents. Provide level 1 and level 2 security incident support, analyze incidents, and determine proper remediation actions. Identifies, advises, and contributes to system and alert tuning to ensure security related events are properly prioritized and addressed. Contributes to the execution activities in the areas of incident response, risk identification, analysis, classification, and mitigation strategies. Contributes to the ongoing development and enhancement of the incident response plan and associated incident response playbooks. Contributes to the execution activities in the areas of security risk identification, analysis, classification, and mitigation strategies. Advise customers on security requirements, internal security policies, and security best practices. Provide training and support related to security incidents and requests to other junior level analysts on the team. Identifies/receives problem, research alternatives, prepares analysis and determine best remediation actions to address issues at hand. Conducts risk assessments, interviewing internal and external customers, to gain technical knowledge of security/compliance requirements. Creates reports; researches and analyzes data, report trends and vital information to management/business partner. Keeps abreast of industry advancements and incorporates that knowledge into daily work activities. Research and stay abreast of emerging technologies, new vulnerabilities and exploits that may compromise internal systems. Track, analyze, and report security metrics and propose counter measures to address security trends that are not in line with company’s desire risk profile. Contribute to the evaluation, testing and implementation of new security systems and processes. Assist internal audit and disaster recovery activities as needed. Develops and maintains documentation for all assigned responsibilities. Required to perform duties outside of normal work hours based on business needs.

Requirements

Knowledge and Skills/Technology Used
Experience working in a Security Operations Center (SOC) environment, using and analyzing alerts from various systems such as SIEM, Cloud Services, Email Security Gateways, Endpoint Security.
Experience in creating, evaluating, and tuning threat detection logic in a SIEM platform.
Experience in implementing Information Security technologies and/or processes
Experience in product evaluations and analysis
Excellent written and verbal communication skills
Excellent interpersonal, relationship-building and teamwork skills
Self-motivated; self-starter
Ability to manage multiple tasks, respond quickly to emergent problems, and focus both on long-range projects and immediate tasks
Proficient in Microsoft Word, Excel and PowerPoint
Generally, requires a BS Degree in Computer Science, Information Technology, Telecommunications, or Electrical Engineering, or equivalent work experience.
Must have minimum 3 years information security experience
1+ years of consecutive hands-on experience working in a SOC environment, utilizing industry leading network security monitoring technologies, application, web, database and Security Event and Information Management (SIEM), IDS/IPS, endpoint, email security gateways and DLP technologies.

Nice To Haves

License or Certification CISSP, GIAC, CCNA, CCNP preferred

Responsibilities

Acting as a technical analyst in developing processes to proactively monitor, detect, and respond to security threats, including the ongoing refinement and enhancements of security controls and configurations for security monitoring systems.
Monitor information security systems, alerts and indicators of compromise used to protect the network from attacks and identify compromised systems.
Work proactively to identify, develop, and implement incident response processes and procedures to mitigate security risks.
Work with a Managed Security Services Provided (MSSP) to respond to escalated security incidents.
Provide level 1 and level 2 security incident support, analyze incidents, and determine proper remediation actions.
Identifies, advises, and contributes to system and alert tuning to ensure security related events are properly prioritized and addressed.
Contributes to the execution activities in the areas of incident response, risk identification, analysis, classification, and mitigation strategies.
Contributes to the ongoing development and enhancement of the incident response plan and associated incident response playbooks.
Contributes to the execution activities in the areas of security risk identification, analysis, classification, and mitigation strategies.
Advise customers on security requirements, internal security policies, and security best practices.
Provide training and support related to security incidents and requests to other junior level analysts on the team.
Identifies/receives problem, research alternatives, prepares analysis and determine best remediation actions to address issues at hand.
Conducts risk assessments, interviewing internal and external customers, to gain technical knowledge of security/compliance requirements.
Creates reports; researches and analyzes data, report trends and vital information to management/business partner.
Keeps abreast of industry advancements and incorporates that knowledge into daily work activities.
Research and stay abreast of emerging technologies, new vulnerabilities and exploits that may compromise internal systems.
Track, analyze, and report security metrics and propose counter measures to address security trends that are not in line with company’s desire risk profile.
Contribute to the evaluation, testing and implementation of new security systems and processes.
Assist internal audit and disaster recovery activities as needed.
Develops and maintains documentation for all assigned responsibilities.
Required to perform duties outside of normal work hours based on business needs.

Benefits

Based on eligibility, First American offers a comprehensive benefits package including medical, dental, vision, 401k, PTO/paid sick leave and other great benefits like an employee stock purchase plan.
Our people are the foundation of First American’s success and that is the reason we put them first.

Stand Out From the Crowd

Upload your resume and get instant feedback on how well it matches this job.

Upload and Match Resume