This job listing expired on Jul 27, 2020
Tweet

You will be part of Security Operations Center team as the L3 escalation for investigating security incidents. You will ensure the security alerts/incidents escalated from L2 are deeply analyzed to identify issues propose measures to prevent further occurrence. Also, you will be responsible for ensuring intelligence data is gathered and corrective actions are taken to minimize further occurrence.

Responsibilities

  • The L3 analyst will ensure that escalation to wider EA Security teams takes place.
  • Analyst SME for security tools deployed across the organization.
  • Provide in-depth analysis of security alerts and make recommendations to the Incident Response team to improve EA security posture.
  • Review L1/L2 activities and provide feedback and support.
  • Monitor external data sources (e.g. cyber defense vendor sites, CERT) to remain current with threat conditions and determine which security issues may have an impact on the enterprise.
  • Provide cybersecurity recommendations to leadership based on significant threats and vulnerabilities.
  • Support the construction of signatures which can be implemented on cyber defense tools in response to new or observed threats
  • Partner with security teams to provide guidance and support in implementing new projects.
  • Participate in global security or IT projects ensuring security operations goals are met.
  • Periodically review the incident response process and propose improvements.
  • Identify and monitor relevant operational metrics.

Experience And Skills

  • Deep knowledge of security operations tools - SIEM, endpoint security tools, intrusion detection
  • Good understanding of security processes and SOC activities
  • Experience with threat assessment, vulnerability analysis, risk assessment, information gathering, correlating and reporting
  • Experience conducting malware analysis
  • Knowledge of computer forensic best practices and industry standard methodologies for acquiring and handling of digital evidence.
  • You will maintain a proficiency in technical tools, countermeasures and techniques.
  • Identify both tactical and strategic solutions.
  • Work independently and in a cross functional team.
  • Experience teaching and mentoring others in technical and analytical skills.
  • Broad knowledge of operational and security processes/controls (e.g. vulnerability management, patch management, etc.).