Information Security Analyst I, Global Security Operations Center
The Information Security Analyst I within the Global Security Operations Center contributes to a variety of global enterprise information security services in support of the Chief Security Officer.
The Analyst I will have demonstrated in past roles the ability to work effectively with minimal supervision on security-related tasks and projects, drive results, build positive relationships with coworkers, and meet program objectives.
This individual will have a key role in supporting one or more of the following enterprise security services:
Information Security Monitoring & Analysis
Information Security Incident Response
Vulnerability & Exposure Management
Investigations & Data Forensics
Penetration Testing & Technical Control Verification
Information Security Metrics & Reporting
The incumbent will play a strong role in daily operations pertaining to the collection, correlation, and identification of indicators of malicious or inappropriate activity.
This individual must have the ability to quickly learn and perform technical analysis pertaining to intrusion detection, log analysis, and incident response.
This role will also have operational responsibilities in support of investigations and forensics, enterprise vulnerability management, penetration testing, and reporting as part of the Asurion Global Security Operations Center (GSOC).
The Analyst I will have a high level of collaboration with other Analysts within IT and extensive involvement with our Network Operations, Engineering, and Platform Support teams.
The ideal candidate will have a strong interest in complex problem solving, ability to challenge assumptions and consider alternative perspectives, think quickly and perform in high-stress situations, and operate well in a strong team environment.
Operates and manages collection, correlation, and reporting platforms that consume security-relevant data
Operates and monitors network intrusion detection and prevention sensors and other information security monitoring infrastructure
Collects, assesses, and reports upon relevant threat intelligence / actionable security information and appropriately modifies tactical operations
Performs analysis of and response to Tier I & II security-relevant alerts and events
Assesses network traffic patterns and session data for indicators of malicious activity with assistance
Plays a strong supporting role in prompt and effective response to information security incidents
Performs operational assessment, prioritization, and remediation of enterprise vulnerabilities and exposures
Generates, edits, and delivers reports derived from security tools and GSOC activities
Supports forensic investigations and penetration testing activity
Assists with executing remediation plans for any gaps reported in audits or recommended process improvements that affect core information security services
Updates job knowledge by tracking and understanding emerging security practices and standards; participating in educational opportunities; reading professional publications; maintaining professional networks; participating in professional organizations
Performs other related duties as assigned
BA or BS in Computer Science, Management Information Systems, or related field desirable; practical experience plus education and certifications may be considered
One or more years of progressive experience in computing and information security, including experience with Internet technology, security technology, issue resolution and leading teams in a cross-functional, global setting
SSCP, GSEC, or other security-related certifications desired
Solid understanding of core network protocols (TCP/IP, ICMP, DHCP, DNS, etc.)
Familiarity needed with several key security technologies: SIEM tools (Splunk, ArcSight, LogLogic), network intrusion detection / prevention tools (TippingPoint, SourceFire, Snort, CheckPoint IPS blades, NetWitness, MIR), DLP packages (Symantec Vontu), host IDS, AV & endpoint management, network anti-malware (FireEye, Palo Alto), forensic tools (EnCase, FTK, etc.)
Strong analytical and problem solving skills are necessary
The ability to operate under ambiguous circumstances, address uncomfortable issues, and leverage data to make informed decisions
Excellent communication (oral, written, presentation), interpersonal and consultative skills are required
This position requires some weekend and evening assignments as well as availability during off-hours for participation in scheduled and unscheduled activities.