Description
The Continuous Monitoring – Security Operations Analyst will play a key role in the operationalization of the enterprise-wide Continuous Monitoring program.The individual should possess a strong background of cybersecurity operations, the evolving threat landscape, as well as a clear understanding of its relevance to financial services.
Responsibilities:
• Work closely with Security Engineering, Operations teams and Application Teams, this individual will be responsible for providing operational expertise in the detection, containment, and remediation of threats to critical systems
• Demonstrate ability to quickly understand existing security tools and those implemented as part of the Security Operations program, the individual will provide subject matter expertise to Security Operations function as it relates to critical systems
• Directly contribute to continuous improvement efforts as it relates to people, process and technology within the CSO organization by providing actionable output from operational work to drive maturity enhancements in the detection, reporting and remediation of threats
• Support in the development and implementation of new cyber monitoring use cases, enhancements to vulnerability management and remediation processes to ensure compliance with security and information technology architecture and standards
• Support improvement efforts through use of established metrics, KPIs and KRIs to drive continuous technology and process efficiencies for strategic maturity of the Continuous Monitoring Program and Security Operations
• Work with stakeholders to gather functional requirements for Security Operations tooling and workflow improvements to enable application owners’ resolution of application vulnerabilities
Requirements:
• Prefer a Bachelor’s degree in Cybersecurity or equivalent technical field is required
• At least 3-5 years of experience in Information Security Operations with a strong foundation in Information Technology
• Advanced knowledge of application security monitoring concepts, threats and security architecture
• Previous hands-on experience in Splunk Enterprise Security is a must (i.e. Splunk Power User, Splunk Administrator certifications)
• Knowledge of the threat landscape, adversary tactics, techniques, and procedures (TTP), general attack stages, kill-chain and attack types
• Proficiency in producing appropriate written and oral reports and presentations for all levels of leadership; working level proficiency in English is a must
Education / Certification
• Degree from an accredited college or university (or equivalent) in a IT or data analytics field preferred
• Splunk Certifications required (Splunk Power User, Splunk Administrator)
• Security certifications are a plus (e.g. GCIH, GCIA, ECIH, CEH, OSCP, OSCE, GCFA, CSIH, CISSP) and/or technical certifications (e.g. CCNP, MSCE)