Cyber Operations Lead ensuring coordination of cyber operations between the Security Operations Center and internal business units. Enhancing security through effective incident response and threat management initiatives.
HB
Hybrid Cybersecurity Operations Analyst, Third Shift
Posted 3 months ago
About the role
- Cybersecurity Operations Analyst reviewing security events and responding to potential threats. Collaborating with Cybersecurity and IT Operations teams for incident management.
Responsibilities
- Review security events to identify and prioritize potential threats and identify trends utilizing various tools and technologies
- Analyze available data sources, security tools, and threat trends to identify attacks against the enterprise
- Perform incident response, issue resolution, assessment, and communication of security risks to the enterprise
- Recommend and implement defensive measures derived from information collected from a variety of sources
- Participate in the day-to-day security operations monitoring and response from the Cybersecurity Operations Center
- Perform malware analysis, reverse engineering, and de-obfuscation techniques
- Evaluate, respond, and mitigate alerts that originate from the SIEM and the Cybersecurity product suite, e.g. NGFWs, IDS/IPS, Anti-virus, Web Application Firewalls, NAC Solution, etc.
- Implement or recommend mitigations including the creation and development of new alerts and rules within the various cyber security tools
- Analyze and identify malicious activity during the various attack stages
- Maintain a high level of technical expertise on Cyber Security defense-in-depth technology and best practices by performing ongoing research and engagement to maintain awareness of industry trends, best practices
- Collaborate with the Cyber Security Engineering and IT Operations teams
Requirements
- Bachelor’s degree
- 3 years of experience in Cybersecurity
- Familiar with common attack vectors, DDoS attacks, Phishing, web & application attacks, and malware
- Knowledge of common critical network protocols and layer 7 technologies such as SMTP, HTTP, HTTP/S, SSL/TLS, DNS, FTP, SSH, and others
- Familiar with a SIEM platform and various cyber security technologies such as EDR, AV, IDS/IPS, and WAFs
- Familiarity with advanced persistent threats and their tactics, techniques, and procedures
- Familiarity with the incident response Kill Chain
- Fundamental understanding of Windows, Mac OSX, and Linux operating systems
- Fundamental understanding of OSI model, basic networking and troubleshooting concepts
- Experience with programming or scripting, including PowerShell, Bash, Python, Yara, and Perl
- Intermediate knowledge of incident response frameworks and handling procedures
- Understanding and knowledge of various log formats from a variety of network and computer devices
- Knowledge of Cyber risks and threats related to Cyber attackers
- Knowledge of recent Cyber events and interpreting kill chain process and threat impacts
- Presentation, analytical, and critical-thinking skills
- Occasional travel may be required (<10%)
Benefits
- Tobacco-Free Hiring Practice
- Flexible work arrangements
- Professional development
Job title
Job type
Experience level
Salary
Not specified
Degree requirement
Tech skills
Location requirements
Solution Sales Manager enhancing revenue in financial services, focusing on ServiceNow IRM and Tanium solutions. Collaborating with teams and engaging C - level executives in Austria and Switzerland.
Senior Internal SOC Analyst leading security triage and investigations for Darktrace, utilizing AI - driven cybersecurity technology. Collaborating on incident response and mentorship within a hybrid work environment.
Security Operations Intern responsible for security monitoring at Paddy Power Betfair. Involves data loss prevention investigations and content filtering analysis with a commitment to improving security posture.
SOC Analyst L2 responsible for managing and analyzing security incidents in digital transformation. Contributing directly to the protection of companies and infrastructures.
SOC Analyst L3 managing and analyzing security events and incidents for Var Group. Responsible for incident management and proactive threat analysis.
Senior Manager leading global IT security operations to protect company data and assets at Keenova. Overseeing incident response, monitoring, and cybersecurity capabilities with strategic oversight.
Security Operations Center leader at Woven by Toyota, managing triage and response to security alerts in Japan. Collaborating with global SOCs to ensure 24/7 operations.
GSOC Analyst responsible for security operations at Paramount Studios. Developing workflows, incident response, and risk monitoring in a dynamic team environment.
Senior Cybersecurity Analyst enhancing detection and response capabilities at Insulet, focusing on threat detection and incident response.