Senior Security Operations Analyst

About The Position

Requirements

• Five years of experience in cybersecurity, working in a Cyber Security Operations Center.
• Experience responding to significant cyber incidents which may involve Organised Crime and Nations State threat actors.

Nice To Haves

• Bachelor’s or Master’s Degree in Computer Science, Cyber Security or related field (or equivalent experience).
• Three years working in a Cyber Security Operations Centre.
• Experience working across international manufacturing.
• Understanding of security controls and how they are used to detect and respond
• Knowledge of common network protocols, edge routing technologies, firewall/IDS/IPS, SIEM, EDR/XDR.
• Ability to communicate complex problems succinctly.
• Ability to work within a team environment, sharing workload and responsibility.
• CISSP, GCIA, GCDA, GSOC, GCIH.

Responsibilities

• Operate as part of a 24 /7 Cyber Security Operations (SecOps) team that continuously monitors the security of the company.
• Undertake the timely triage of security alerts to allow for rapid incident detection and response.
• Perform deep-dive analysis of security events, logs, network traffic and forensic data to determine root cause, identifying suspicious and / or anomalous activities and taking appropriate action based on documented processes and procedures.
• Recommended modifications to internal defences and processes for more effective and efficient security operations.
• Manage security incidents through all phases of the incident response lifecycle from identification through to closure.
• Ensures that delegated response and remediation actions are completed in line with SLAs.
• Provides expert analytic investigative support of complex security incidents.
• Supports the tuning of all security tooling and the development of bespoke correlation rules / use cases aligned to business operations, internal risk profiles and current threat intelligence.
• Ensure that the automation and orchestration of day-to-day operations is maximised, and that analysis / response activities are performed as efficiently as possible.
• Execute L2/L3 event or incident response and investigations into suspicious activity.
• Shape the operations to successfully manage cases, lead the response process, and delegate tasks to junior incident responders and MSSP analysts.
• Generate post-incident reviews to ensure gaps are closed to prevent future events.
• Collaborate with Threat Intelligence to groom threat feeds and help translate findings.
• Help prioritize content, develop, and implement playbooks and runbooks.
• Be a key member of the Cyber Incident Response Team (CIRT) during major cyber incidents.
• Establish and maintain relationships with other investigation and remediation teams within the company, working closely with them to address the full spectrum of security issues.
• Lead efforts in developing security awareness training for the broader organisation.

Benefits

• competitive pay
• comprehensive benefits program
• generous 401(k) plan
• tuition reimbursement
• time off programs
• 6 months paid parental leave
• healthcare programs
• discretionary bonus