Information Security Operations Analyst

Roles & Responsibilities

• Coordinate with infrastructure teams in the testing, implementing, deploying, maintaining, reviewing, and administering of monitoring infrastructure.
• Develop content for monitoring infrastructure (SIEM, Netflow, etc.), including Use Cases, Dashboards, Reports, Rules, Filters, and Trends.
• Optimize data flows using aggregation, filters, etc.
• Develop, maintain, and disseminate documentation (Playbooks, SOPs, Work Instructions) required to effectively maintain controls effectiveness and demonstrate return on investment.
• Coordinate with Incident Response (IR), Threat Detection & Response (TDR), Threat Intelligence (TI), and Vulnerability Management (VM) analysts to manage and administer the updating of rules and signatures for monitoring business-critical systems and applications.
• Identify potential conflicts with the implementation of monitoring tools within the Security Analytics area of responsibility.
• Assist in identifying, prioritizing, and coordinating the monitoring of critical business infrastructure and key resources.
• Communicate technical information to non-technical audiences and advise staff on Cybersecurity issues and approaches.

Experience Required

• Previous experience in network monitoring platforms.
• Proven ability to act independently and to execute with limited information and ambiguity.
• Experience in developing content for monitoring infrastructure, including Use Cases, Dashboards, Reports, Rules, Filters, and Trends.

Skills & Certifications

• In-depth knowledge of security concepts such as cyber-attacks and techniques, threat vectors, risk management, incident management, etc.
• Excellent analytical and problem-solving skills.
• Ability to act independently and execute with limited information and ambiguity.
• Detail-oriented with the ability to promptly assess logs for accuracy and consistency.
• Strong interpersonal skills with the ability to influence others positively and effectively.
• Ability to work in a team environment.
• Excellent communication skills, both oral and written.

Eligibilities & qualifications

• Preferred Certifications: CISSP, GIAC Practitioner certifications, etc.
• In-depth knowledge of security concepts, cyber-attacks and techniques, threat vectors, risk management, and incident management.
• Strong analytical, problem-solving, and interpersonal skills.
• Excellent communication skills, both oral and written.
• Ability to work effectively in a team environment and communicate technical information to non-technical audiences.