The Senior Security Operations Analyst will play a critical role within our organization's cyber security framework, specializing in security event analysis, detection, and response. The ideal candidate has a strong background in security operations, a proven track record of handling complex security incidents, a comprehensive grasp of cyber security fundamentals, proficiency in risk and vulnerability management, and a strong understanding of security event analysis and triage in SaaS and cloud production environments.
Responsibilities and duties
* review and analyze security alerts generated by the SIEM, prioritizing and triaging them by severity and potential impact
* manage and optimize security operations technologies and functions such as the SIEM, TIP (threat intelligence platform), and incident response case management to improve the organization's security visibility
* evaluate security data sources and use cases for consideration in the improvement and expansion of the team’s detection capabilities
* lead incident response efforts, including investigation, containment, eradication, and recovery from security incidents and breaches; participate in the team's on-call rotation for critical incident escalations
* conduct root cause analysis and post-incident reviews
* develop and evangelize incident response playbooks and procedures for the CSIRT
* steer the cyber threat intelligence (CTI) program to continually monitor emerging security threats, trends, and technologies; provide recommendations for improving security controls and processes to mitigate risks efficiently
* gather and analyze cyber threat intelligence from various sources, correlate it with security events and incidents, and provide actionable insights to the security team and stakeholders
* conduct proactive threat hunting activities to identify potential threats, develop and implement methodologies and tools, and document findings with recommended mitigation strategies
* monitor and analyze user behavior to detect potential insider threats, investigate suspicious activities and recommend appropriate actions, and develop and implement insider threat detection and response strategies
* provide guidance, support, and mentorship to junior team members who demonstrate a willingness to learn and take on new challenges
* aid in the gathering of evidence for compliance audits
Qualifications and skills
* broad and deep knowledge of security concepts, principles, and best practices
* 5-7 years of information security and/or technology experience, including 3+ years in a similar cyber security analyst role
* exceptional decision-making skills, demonstrating a track record of effectively evaluating the costs and benefits of various courses of action to find the optimal solution
* comfortable communicating with a broad audience, including executives, clients, and cross-functional teams
* skilled in the analysis of threat event data and recognition of tactics, techniques, and procedures (ttps) employed by threat actors
* experience operating and managing a SIEM (e.g., Google Chronicle, Splunk) and endpoint detection and response (EDR) tools
* familiarity with scripting languages for automation (e.g., Python, Bash, PowerShell)
* an understanding of applying MITRE ATT&CK or similar frameworks in enterprise environments
* experience with cloud security and monitoring (e.g., AWS, Azure, Google Cloud)
* strong background in incident response and handling complex security incidents
* experience in cyber threat intelligence gathering and analysis and threat hunting methodologies and tools
* CISSP, GIAC, or comparable certifications strongly preferred
About Encora
Encora is a global company that offers software and digital engineering solutions. Our practices include cloud services, product engineering & application modernization, data & analytics, digital experience & design services, DevSecOps, cybersecurity, quality engineering, AI & LLM engineering, among others.
At Encora, we hire professionals based solely on their skills and do not discriminate based on age, disability, religion, gender, sexual orientation, socioeconomic status, or nationality.