Security Analyst

Posted:
11/27/2024, 10:42:54 AM

Experience Level(s):
Mid Level ⋅ Senior

Field(s):
IT & Security

Important Information

Experience: +6 years

Job Mode: Full-time

Work Mode: Work from home

 

Job Summary

The Senior Security Operations Analyst will play a critical role within our organization's cyber security framework, specializing in security event analysis, detection, and response. The ideal candidate will have a strong background in security operations and a proven track record of handling complex security incidents. The ideal candidate will demonstrate a comprehensive grasp of cyber security fundamentals, proficiency in risk and vulnerability management, and a strong understanding of security event analysis and triaging in SaaS and Cloud production environments. 

Responsibilities and Duties

  • Review and analyze security alerts generated by the SIEM system, prioritizing and triaging alerts based on severity and potential impact
  • Manage and optimize security operation technologies and functions such as SIEM, TIP, and incident response case management to enhance the organization's security visibility
  • Evaluate security data sources and use cases for consideration in the improvement and expansion of the team’s detection capabilities
  • Lead incident response efforts, including investigation, containment, eradication, and recovery from security incidents and breaches. Participate in the team’s on-call rotation for critical incident escalations
  • Conduct root cause analysis and post-incident reviews
  • Develop and evangelize incident response playbooks and procedures for CSIRT
  • Steer the Cyber Threat Intelligence (CTI) program to continually monitor emerging security threats, trends, and technologies. Provide recommendations for improving security controls and processes to mitigate risks efficiently
  • Gather and analyze cyber threat intelligence from various sources, correlate it with security events and incidents, and provide actionable insights to the security team and stakeholders
  • Conduct proactive threat hunting activities to identify potential threats, develop and implement methodologies and tools, and document findings with recommended mitigation strategies
  • Monitor and analyze user behavior to detect potential insider threats, investigate suspicious activities and recommend appropriate actions, and develop and implement insider threat detection and response strategies
  • Provide guidance, support, and mentorship to junior team members who demonstrate a willingness to learn and take on new challenges
  • Aid in the gathering of evidence for compliance audits

Qualifications and Skills

  • Broad and deep knowledge of security concepts, principles, and best practices
  • 5-7 years of information security and/or technology experience, 3+ years in a similar cyber security analyst role
  • Exceptional decision-making skills, demonstrating a track record of effectively evaluating the costs and benefits of various courses of action to find the optimal solution
  • Comfortable communicating with a broad audience, including executives, clients, and cross-functional teams
  • Skilled in the analysis of threat event data and recognition of tactics, techniques, and procedures (TTPs) employed by threat actors
  • Experience with operating and managing SIEM (e.g., Google Chronicle, Splunk) and Endpoint Detection and Response (EDR) tools
  • Familiar with scripting languages for automation (e.g., Python, Bash, PowerShell)
  • An understanding of applying MITRE ATT&CK or similar frameworks in enterprise environments 
  • Experience with cloud security and monitoring (e.g., AWS, Azure, Google Cloud)
  • Strong background in incident response and handling complex security incidents
  • Experience in cyber threat intelligence gathering and analysis and threat hunting methodologies and tools
  • CISSP, GIAC or comparable certifications strongly preferred 

About Encora 

Encora is a global company that offers Software and Digital Engineering solutions. Our practices include Cloud Services, Product Engineering & Application Modernization, Data & Analytics, Digital Experience & Design Services, DevSecOps, Cybersecurity, Quality Engineering, AI & LLM Engineering, among others. 

At Encora, we hire professionals based solely on their skills and do not discriminate based on age, disability, religion, gender, sexual orientation, socioeconomic status, or nationality.