The Cyber Security Operations Lead Analyst will be the main point of contact for all security-related incidents for the Cyber Security Operations team within the Global Security Organization. In addition to triaging and investigating incidents, the candidate will be responsible for leading and mentoring the analyst group. The candidate needs to demonstrate strong evidence of analytical ability, attention to detail and a broad understanding of all stages of incident response.
A successful candidate for this position will have:
Skill in conducting and/or supporting sensitive investigations involving log and data analysis in a SIEM tool, employing a broad range of investigative techniques
Experience leading the full security incident life cycle, from detection through response, with the ability to see incidents to their conclusion
Experience with security tools such as SIEM, IDS/IPS, Firewalls and vulnerability scanners
Exposure to Incident Response, Threat Hunting, Threat Intelligence and Vulnerability Management, among other cyber security disciplines
Strong presentation skills as well as proven experience in organizing and directing teamwork
Proven analytical, problem-solving and prioritization skills
Excellent communication and technical writing skills
Responsibilities and Tasks
Responsibilities will include, but are not limited to, the following:
Lead the day-to-day 24x7 operations and shifts within the SOC
Provide technical and functional guidance to the team members regarding security event monitoring, incident analysis and response
Provide incident response support including triage, investigation and remediation
Assist in the development and maintenance of dashboards, reports and alerts on the SIEM tool
Stay up to date on the cyber security threat landscape and understand threat management frameworks in order to manage and respond to endpoint, cloud and hybrid infrastructure threats
Regularly assess current security measures, identify monitoring gaps, and suggest new use cases based on evolving threats, working closely with security engineering teams
Prepare and review analysis reports, identify threat vectors, and provide suggestions for improving and fine-tuning existing security monitoring use cases
Help improve team documentation, including run books, security standards, knowledge base articles and response procedures
Facilitate training/learning exercises to ensure SOC team proficiency and relevance
Participate in projects or initiatives where Security Operations support is needed, including contributing to security incident table-top exercises
Education
Bachelor's Degree in Computer Science, Information Systems, or equivalent work-related experience.
Experience
6-8 years of experience in SOC and IR related functions, with hands-on experience using a SIEM tool to analyze complex data sets.