Security Operations Analyst

Responsibilities

JOB PURPOSE: Security Operations Analysts improve the organization's security posture by evaluating, testing, and documenting security solutions and controls along with the necessary procedures. They work closely with other security team members to remediate risks while supporting business innovation. Analysts must continually adapt to stay ahead of cyber attackers, requiring a passion for security and ongoing learning. They also collaborate with internal and external audit teams, technology management, and business stakeholders.

ESSENTIAL DUTIES AND RESPONSIBLITIES:

• Implement technical systems and monitor them for unusual and suspicious activity across a wide range of products.

• Perform “on call” rotation for investigating alerts escalated by the MDR provider, other IT teams, or security tool alerts.

• Assist with articulating security configuration standards for systems and business applications.

• Participate in technical and non-technical projects requiring information security oversight and to ensure policies, procedures and standards are met.

• Serve by aiding in incident response (IR) with the IR and security operations center (SOC) teams.

• Interface with internal and external auditors, along with Compliance team members, for risk assessments as necessary, while providing information requested in a timely manner.

• Recommend new security solutions as well as effective improvements to existing security controls that do not negatively impact business innovation.

• Serve as a liaison for the security team.

• Provide weekly reports to leadership to account for project updates, along with other misc. updates regarding the Security Operations.

• Perform other duties as assigned.

Qualifications

• At least 3-5 years of information security experience (or combination of 3 to 5 years of IT system administration with security).

• Expertise in incident response and system monitoring and analysis.

• Experience with compliance requirements (PCI, SOX, etc.).

• Ability to effectively communicate business risk as it relates to information security.

• Knowledge of multiple computing platforms, including Windows, OSX, Linux, networks, and other misc. endpoints.

• Experience with vulnerability and penetration testing engagements.

• Experience with change and project management.

• Possesses highly effective communications skills with the ability to influence business units.

• Acts with integrity, takes pride in work and seeks to excel, be curious and adaptable.

• Displays an analytical and problem-solving mindset.

• Is highly organized and efficient.

• Leverages strategic and tactical thinking.

• Works calmly under pressure and with tight deadlines.

• Demonstrates effective decision-making skills.

• Is highly trustworthy and leads by example.

Stays current with evolving threat landscape.

This job description is intended to describe the general nature and level of work being performed by people assigned to this job. They are not intended to be an exhaustive list of all responsibilities, duties, and skills. You may be asked by your supervisor or managers to perform other duties. Your performance will be evaluated in part based upon your performance of the job duties listed in this job description, as well as any job duties not specifically listed above that you may be asked from time to time to perform. The Company has the right to revise this job description at any time.

Crash Champions is an equal opportunity employer committed to workplace diversity. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, national origin, age, gender identity, protected veterans’ status, status as a disabled individual or any other protected group status or non-job characteristic as directed by law.