Senior Information Security Operations Analyst - Deerfield Beach, United States - Jmfamily
Description
Senior Information Security Operations Analyst
locations
Florida - Deerfield Beach
Hybrid
time type
Full time
posted on
Posted Yesterday
job requisition id
JR102167
The Senior Information Security Operations Analyst is a member of the Information Security department and plays a pivotal role as the technical escalation resource for all Tier I/II analysts and engineers.
As a senior Cyber Security resource, you will investigate, assess, and document cyber threat and attack events to aid in protecting the organization from new and emerging threats and attacks. Your goal is the safety and security of our organization's information, network, and computer systems.
This position is located at our sunny southeast Florida Deerfield Beach Campus and offers 2 days a week remote work flexibility.
Responsibilities:
Investigate and document events to aid incident responders, managers and other Security Operations team members on security issues and the emergence of new threats.
Analyze attacker tactics, techniques, and procedures (TTPs) from security events across a large heterogeneous network of security devices and end-user systems.
Create and maintain data security documentation, policies and procedures.
Plan and execute regular incident response and postmortem exercises, with a focus on creating measurable benchmarks to show progress (or deficiencies requiring additional attention).
Evaluate current Security Operations standards and procedures and update or author new content as required.
Leverage a deep understanding of current and evolving security threats and threat detection solutions, and contribute to the company's threat and vulnerability research and IT security strategy and roadmap.
Leverage automation and orchestration solutions to automate repetitive tasks (scripting ability in Python is highly desired).
Seek opportunities to drive efficiencies and collaborate with other technology teams (e.g. NOC, Service Desk).
Partner with the security engineering team to improve tool usage and workflow.
Partner with MDR and internal teams to mature monitoring and response capabilities.
Adhere to service level agreements (SLAs), metrics and business scorecard obligations for ticket handling of security incidents and events.
Leverage knowledge of security on multiple platforms and disciplines (Windows, Unix, Linux, data loss prevention (DLP), endpoint controls, databases, wireless security and data networking).
On major incidents, act as incident commander and primary point of contact.
As a senior member of the team, monitor and process responses for security events on a 24x7 basis. (Periodic on-call shift coverage)
Desired Skills:
Experience working with various SIEM systems, threat intelligence platforms, security automation and orchestration solutions, intrusion detection and prevention systems (IDS/IPS), file integrity monitoring (FIM), DLP and other network and system monitoring tools.
Extensive experience in Incident Response, Incident Handling and Security Operations
Experience in digital forensics preferred to include processes and procedures for collecting and preserving digital evidence, data acquisition, and forensic analysis of data
Ability to conduct multi-step breach and investigative analysis to trace the dynamic activities associated with advanced threats
Perform investigation and escalation for complex or high severity security threats or incidents
Advanced knowledge and expertise in the use of SIEM technologies for event investigation
Assist in defining and driving strategic initiatives
Coordinate evidence/data gathering and documentation and review Security Incident reports
Qualifications:
Bachelor's degree in Information Technology/Security or 10 years of progressive experience in the IT / Information Security space required.
Excellent project management skills, including the ability to create and maintain security project plans, schedules, metrics and progress reports/presentations.
Experience working with change management principles and operations.
General knowledge and understanding of information security and privacy-related regulations.
Ability to plan, organize, and prioritize a varied workload.
Experience driving measurable improvement in monitoring and response capabilities at scale.
Knowledge of a variety of Internet protocols
Critical thinking skills and the ability to solve problems as they arise
Ability to work effectively with technical and non-technical personnel in a cross-functional setting.
Ability to relate security principles and processes to business and other departments.
Proficient knowledge of the Microsoft Office suite required.
Strong written and verbal communication skills required.
Must be authorized to work in the US, no sponsorship or C2C.
Preferred Certifications (any of the following a plus):
GIAC Certified Incident Handler (GCIH)
GIAC Certified Intrusion Analyst (GCIA)
Certified Ethical Hacker (CEH)
GIAC Certified Forensic Examiner (GCFE)
Computer Hacking Forensic Investigator (CHFI)
Certified Information Systems Security Professional (CISSP)
JM FAMILY IS PROUD TO BE AN EQUAL OPPORTUNITY EMPLOYER
JM Family Enterprises, Inc. is an Equal Employment Opportunity employer.
We are committed to recruiting, hiring, retaining, and promoting qualified associates without regard to age, race, religion, color, gender, sex (including pregnancy, childbirth and related medical conditions), sexual orientation, gender identity, gender expression, mental or physical disability, national origin, marital status, citizenship, military status, genetic information, veteran status, or any other characteristic protected by federal, state, provincial, or local law.
DISABILITY ACCOMMODATIONS
If you have a disability and require a reasonable accommodation to complete the job application process, please contact JM Family's Talent Acquisition department at for assistance. If you have an accommodation request for one of our recruiting events, please notify us at least 72 hours prior so that we may provide assistance.