Sr. Cyber Security Analyst

at Robert Half
Published May 14, 2022
Location Ashburn, VA
Job Type Full-time  

Description

Ref ID: 04837-0012278664

Classification: Security Network Engineer

Compensation: $121200.00 to $157500.00 yearly

Senior Cybersecurity Analyst

• 8-10 years of experience

• Experience working as a senior-level cybersecurity escalation engineer supporting the front-line analysts for escalations.

• 5-7 years of SOC (security operations center) experience, as someone who has served as an SME supporting incident management.

• Experience writing playbooks, writing standard operating procedures.

• Experience writing alerting rules, running and managing Incident Bridges.

• Assist with projects when rolling out new technologies, and be the SME to other teams for these rollouts.

Responsibilities:

- Core Incident Response:

Mitigate and contain identified threats using approved incident response methodologies. Initiate escalation procedures and incident response processes as defined in the operational plan. Perform analysis of security alerts to evaluate risk, determine containment action and identify required preventative measures. Support Cyber Incident Response actions to ensure proper assessment, containment and mitigation steps are taken.

- SME support and Mentoring

Provide SME support and operational guidance in daily security incident response operations. Provide mentorship to improve technical capabilities of junior analysts within the sub-function.

- Threat Hunting and Case Analysis

Perform threat hunting and alert trend analysis to find inconspicuous threats. Identify trends, potential new technologies, and emerging threats which may impact the business. Operationalize actionable Threat Intelligence reports from internal and external sources.

- Improve Security Posture and Detection Capabilities

Manage the security monitoring enrollment process to ensure adequate coverage and effectiveness of all new and existing cloud and on-premise based applications, services and platforms. Facilitate the development and tuning of SIEM rules to support enrollments and ensure high fidelity alerting. Work closely with other cross-functional teams within Cybersecurity to identify gaps and improve cybersecurity posture.

- Contribute to IR Playbook and SOP

Develop and review Incident Response Playbooks and SOPs to streamline incident response strategy and action across the IR team.

- Partnership with Engineering and Business

Act as a liaison between cyber-defense, engineering, security architecture, network & system operations, and functional project teams to ensure effective project. Work with colleagues in other technology departments as well as the business and product offices to establish effective, productive business relationships.