Senior Cybersecurity Analyst
US Citizen or Green Card Holders Only
SIEM and EDR experience mandatory
This candidate is expected to possess a high level of knowledge and experience in various security domains and technologies with a focus on SIEM and advanced endpoint protection, detection and response. This resource will work closely with the defensive managed security services team to design, deploy, and support both a SIEM and Endpoint Detection and Response (EDR) platform as part of a larger defensive security service offering. This position is tasked with lifecycle ownership of the environment and works closely with Security Operations Center and back-office MSS teams. This role includes design, implementation and operational responsibilities for the SIEM & MEDR service line.
· Participate in the design, deployment, support and maturation of new and existing managed security services
· Develop detailed documentation of solutions and services that include runbooks, network diagrams, and process/escalation flows
· Determine security requirements by evaluating business strategies and requirements; researching information security standards; evaluating architecture/platforms; identifying integration issues; preparing cost estimates.
· Provide guidance, technical, and troubleshooting support for managed security services offerings
· Develop, maintain, and deliver training material for the SIEM & MEDR program
· Build strong cross-functional relationships with other company teams, as well as with external partners, peers, and professional organizations
· Maintain quality assurance through adherence to established processes, procedures, baselines, and standards
· Define action plans that are simple to implement, effective at reducing risk, and as much as possible, utilize existing people, processes, and technologies
· Mentorship of other team members
· Fully understand and support the organization's vision, core values, goals, and objectives
A. Problem Solving and Analysis: responsible for both wide-impacting and complex services. When issues arise, the SME must consider the impact of both the problem and solution from many different angles. Solutions must also consider the impact to both internal and external users of the applications and services.
B. Independence: must exhibit a high degree of initiative. In addition, the position must maintain alignment with team/company goals and make judgments as appropriate. Timeliness of decisions is critical and must be effectively communicated to those affected.
C. Decision Making: carries the responsibility to work with applicable teams to drive solution decisions and move the effort forward as planned. While the Endpoint Protection SME may be responsible for decisions, they need to ensure alignment with stakeholders, markets, other functional groups, and clients.
· 5+ years' experience in Endpoint Protection technologies, Endpoint Detection and Response, Application Whitelisting, VPNs, etc.
· 5+ years' experience administering & monitoring a SIEM platform
· 5+ years working with operational information security disciplines (e.g. incident response, security infrastructure management, or monitoring services)
· 2+ years' direct experience in the identification, development, modification, and ongoing management of enterprise-level response-based playbooks is required.
· Experience in delivering projects related to security technology implementation
· Experience within a Managed Security Service Provider (MSSP) environment
· Experience with a SOAR platform, including playbook/runbook creation as well as development of Python code that drives the automation of repeatable response processes.
· Understanding of security technologies & methodologies, including vulnerability management, CASB, NAC, DLP, Privileged Access, RBAC, SIEM, SOAR
· Proficiency in operating systems including Microsoft Windows, RHEL, CentOS, Ubuntu Linux, and macOS.
· BA or BS degree or equivalent combination of relevant education and experience
· Ability to multi-task and manage multiple priorities
· Ability to deal with changing priorities to complete tasks in a short period of time
· Exceptional organizational and time management skills
· Solid commitment to customer service with initiative and follow-through
· Excellent verbal and written communication skills to clearly communicate business-critical problems and solutions to customers
· Comfortable interacting at all levels within an organization
· Strong business acumen and a drive toward business growth
· Discipline to work remotely and communicate clearly