Information Security Engineer II 19G03
The Security Analyst will be responsible for:
· Performing daily operational 'eyes on glass' real-time monitoring and analysis of security events from multiple sources including but not limited to events from SIEM tools, network and host-based IDS, firewall logs, system logs (Unix & Windows), midrange, applications and databases.
· Collaboration with Line of Business technical teams for issue resolution and mitigation.
· Documentation of actions taken for audit, regulatory and legal purposes within approved event tracking system.
· Provide Antivirus & Malware protection application administration and management (for example, but not limited to SentinelOne, Symantec)
· Routinely interact with vulnerability and threat management teams and incorporate feedback into information security applications (for example Tenable, Qualys)
· Ensuring applications, networks, systems and cloud services are monitored in accordance with security controls related to SOC 2, ISO 27001 and the RMS Information Security Policy
· Utilizing incident response playbooks to ensure consistent handling of various security events.
· Managing work queues by priority and meeting service levels for response time and event analysis.
· Interacting with the Network Operations Center team to stay current on planned or unplanned changes and outages on the network that impact security monitoring.
· Minimum 1-3 years of Information Technology experience with network technologies (CCNA, JNCIA, MCSA certification is desirable)
· Experience with reviewing raw log files, data correlation, and analysis (e.g. firewall, network flow, intrusion detection systems, system logs)
· Solid and demonstrable comprehension of Information Security including malware, emerging threats, attacks, and vulnerability management
· Experience assisting the development and maintenance of tools, procedures, and documentation
· Customer service including the resolution of customer escalations, incident handling, and reporting
· Previous experience in adjacent areas such as Security Operations Center, Network Operations Center, System Administrator, Platform/Tool Support Engineer, IT Helpdesk support