The Senior Security Analyst is an experienced member of the Cyber Security Operation Center, which is responsible for providing 24x7/365 continuous monitoring, triage and reporting for security investigations. Senior Security Analysts must possess a keen attention to detail, ingenuity, and a desire to improve upon existing security practices. Senior Security Analysts are also responsible for reporting, building out security monitoring content, documentation, working with teams on remediation, training junior members and monitoring cloud security.
Principal Duties and Responsibilities:
- First responder to security events reported via various communication channels
- Conduct initial triage through investigation into network traffic, host activity, user authentication, cloud provider logs, application logs, etc.
- Perform intrusion detection using SIEM (Security Information and Event Management) technology
- Detect, triage, and escalate critical security incidents
- Conduct threat hunting and contribute to content development
- Responsible for documentation and metrics of security findings
- Interact with customers and act as the primary point of contact for security requests
- Improve and challenge existing processes and procedures, contribute to security automation
- Monitor corporate communication channels (MS Teams, Slack, etc.)
- Maintain knowledge of information security policies and goals
- Keep current on the threat landscape and upcoming trends in cyber security
- Coach and guide junior SOC analysts, perform knowledge transfer as required
- Manage reports via PlayStation's bug bounty program
- Manage all cases, ensuring they are acted upon efficiently and effectively
- Compile and analyze data for reporting and metrics
Qualifications:
- Bachelor's degree or equivalent industry experience
- 7+ years overall security industry experience
- 1+ years of IT or networking experience required, as well as basic knowledge of Windows/Linux/MacOS
- Threat hunting experience, ability to troubleshoot and assess security risk
- Experience with cloud-based systems such as AWS, GCP, Azure
- Experience with analyzing host, network and web application activity, including log analysis techniques and methodologies
- Proficient with cloud services such as security, monitoring, and analytics services
- Excellent verbal and written communication skills
- Experience working with customers via phone, email and other corporate communication methods
- Good independent problem-solving experience
- Ability to manage parallel tasks and accurately document resolutions
Desired Experience:
- Industry recognized professional certification such as GCIA, GMON, GCIH
- Basic understanding of scripting languages, experience with automation
- Experience working with container technologies, including Docker and Kubernetes