Description
The Lead Cyber Security Analyst has high visibility and direct responsibility for the effective and efficient regional operations of the Security Operations Center, including cyber security technologies, threat management and reporting, incident monitoring/response, communications, education, and risk management. The lead analyst is responsible for driving process refinement and implementation, cross-team/discipline collaboration, maintenance of internal and external stakeholder relationships, and direct supervision of staff. Reporting directly to the Director of Security Operations, other responsibilities include immediate security incident and event response management, identification, triage and response to security incidents, operational metrics design and reporting.
What you’ll Do:
• Lead regional team of security experts and provide hands-on expertise over the following areas of information security:
• Leading our regional security operations team and driving to the next level in our capabilities.
• Responsible for managing event monitoring and response.
• Ensure assessment, reporting, identification, and monitoring of incidents.
• Review and organize security reports with a clear understanding of the threat, severity, and ramifications in order to triage, prioritize, reproduce, troubleshoot, resolve, escalate, and report. Define, deploy, and tune our Detection and Response platforms to ensure appropriate visibility across the enterprise.
• Identify and incorporate all log sources required and work towards a Single Pane of Glass and a rational set of alerts.
• Enhance the appropriate threat intelligence feeds and the processes for collecting them, analyzing them for relevance, and ingesting them into our platforms to add context.
• Support a Vulnerability Management program to ensure that we have complete coverage, accurate and up-to-date data on our vulnerability posture and a process to quickly remediate vulnerabilities that we are exposed to.
• Keep current on information security risks and the Tactic, Techniques and Procedures (TTPs) of attackers.
• Enhance standard operating processes and protocols for reporting, incident response, risk management, planning, exercising, training, and continuous operational improvement.
• Performs other duties and projects as assigned.
Who You’ll Work With:
We are a US-based team and conduct 24x7x365 monitoring to protect the company’s data assets. This position primarily involves communication with regional team members such as Security Analysts and Sr. Security Analysts, as well as collaboration with SOC members in the US and other countries. Additionally, there will be continuous interaction with various departments including the Cloud team, Product Engineering, IT, Legal and etc.
What Makes You a Qualified Candidate:
• BS degree in related field preferred. Equivalent experience/certification acceptable.
• Minimum of Two (2) years management experience leading and motivating cross-functional, interdisciplinary teams to achieve tactical and strategic goals.
• 7+ years of demonstrated experience in information security roles
• Industry certifications such as CISSP, CISM, CCSP, CEH, PMP, GCIH, GSEC
What You’ll Bring:
• Understanding of the incident response plan and experience in the incident response process.
• Knowledge of Microsoft Azure, AWS, GCP or similar cloud computing platforms
• Excellent analytical, troubleshooting & interpersonal skills
• Strong verbal and written communication skills
• Self-motivated and able to work independently
• Effective communication skills to translate technical risks and exposures to a business perspective - formal reports and/or presentations
• The ability to communicate confidently and clearly on conference calls, in meetings and via email, at all levels of the organization is essential.
• Confident in collaborating, building trust and respect with people outside of the immediate team
• Experience in:
• Cybersecurity Operations and Security Operations Center
• Data Protection, Network Security, Endpoint Security, and Zero Trust
• Security Technology Integration, Configuration, and Automation
• Security Configurations
• Information security industry trends and emerging technologies
• Information security audits
• Network and internet security