Job details
Job type: Full-time
Full job description
ACI Worldwide
Job description
Job title: Lead Security Operations Center Analyst
Created date: December 18, 2021
Job summary:
The Lead Security Operations Center (SOC) Analyst will analyze dashboards, systems, and reports to mitigate risk, triage security incidents, and implement fixes to improve ACI's endpoint security posture. This individual will be expected to participate in the creation and maintenance of policies, standards, and procedures related to endpoint security event response, and will be required to perform administrative activities related to security incident response as assigned. This individual will need to ensure that the approach to security-related incidents is aligned with ACI's overarching security goals as established by policies, procedures, guidelines, and standards, and will work to achieve those goals. Conducts tasks and assignments as directed by the Director of Production Systems. The Lead SOC Analyst is responsible for on-time, on-budget, high-quality delivery of all assigned projects and duties.
Job responsibilities:
Executes security operations including incident detection, identification, management, response, and reporting
Reviews compromised systems to identify the root cause of security incidents and the remediation actions that need to be taken
Correlates incident data to identify specific vulnerabilities and makes recommendations that enable swift remediation
Configures, manages, and administers cloud-based security tools such as:
Microsoft 365 security suite (Defender, Advanced Threat Protection, Cloud App Security, Protection Portal)
Microsoft Security and Compliance Center; Microsoft Endpoint Manager (Intune); insider threat management
Defender for Identity, Privileged Identity Management
Azure Security Center, Azure Sentinel, Log Analytics, Azure WAF
Web content filtering; and secure document sharing and collaboration solutions
Makes recommendations that improve ACI's endpoint security posture
Serves as subject matter expert on data loss prevention (DLP) and data protection concepts
Has overall responsibility for security operations covering threat detection and response, and ensures new DLP product deployments meet monitoring requirements
Conducts internal and external investigations and responds to internal and external security threats
Contributes to policy development and prepares briefings that explain security programs and requirements to senior executives
Provides expert technical advice, guidance, and recommendations to management and other technical specialists on critical information technology security issues
Assesses risk factors and advises on vulnerability to attack from a variety of sources and on procedures for protecting systems and applications
Proposes and implements security measures that align with FFIEC, IRS, PCI, HIPAA, and other applicable regulations and guidance
Interprets internal policy and implements and documents those requirements
Manages security controls for cloud-hosted environments, applications, and services
Collaborates with service desk and incident management teams
Develops system security plans, security assessment reports, continuous monitoring plans, and plans of action and milestones (POA&M)
Ensures coordination and collaboration on security activities
Communicates effectively, both orally and in writing, with management and other technical specialists
Proposes and helps review security plans and policies to improve the security environment
Maintains metrics, operational playbooks, process diagrams and documentation for security monitoring and response
Obtains information and stays up to date on the latest threats and security trends in a fast and efficient way to keep the enterprise environment protected
Plans, organizes, and manages tasks on time with minimal supervision
Oversees, responds to, and remediates DLP (data loss prevention), phishing, abnormal activity, and SIEM events from on-premises and cloud systems
Other duties may be assigned as needed to address new security threats facing the enterprise environment
Provides off hour support as needed for security monitoring and response activities
Understands and adheres to all corporate policies, including but not limited to the ACI Code of Business Conduct and Ethics.
Knowledge, skills and experience required for the job:
Bachelor's degree in computer science or a related technical discipline, or an equivalent combination of education, technical certifications or training, or equivalent work experience, is required.
7+ years’ experience in information security
Must have experience in incident response and management
Demonstrated experience with Windows and non-Windows server configuration, administration, and monitoring.
Experience working in a process-oriented workflow environment.
Experience working with multi-tiered ticket handling/resolution systems.
Experience supporting large enterprise IT environments.
Experience creating, modifying, and following standard procedural documents.
Excellent written and verbal communication skills
Ability to multitask in a dynamic environment
Analytical thought process
Preferred knowledge, skills and experience needed for the job:
Project management
ITIL experience is preferred.
Knowledge of the Jira ticketing platform is preferred.
Working experience with information security, network security, insider threat, security monitoring, incident response, and vulnerability management
Working experience with industry-standard security technologies and services: firewalls, VPN, IDS, endpoint security, DLP, AV, proxy, SIEM
Strong experience with data loss prevention
Strong experience with SIEM event/log analysis and correlation
CISSP or equivalent
CompTIA Security+ certification
Ethical hacking certification (a plus)
Unix, Linux, Oracle
Work environment:
Standard work environment