Information Security Analyst

Information Security Analyst

ROLE DESCRIPTION SUMMARY

SES's Cyber Security Center Teamis focused on improving SES's security posture through security monitoring, vulnerability management, monitoring and analytic tools, and actively seeking out and addressing security concerns. An Information Security Analyst must be aware of the enterprise's security goals, policies, procedures, and guidelines, and be actively working towards upholding those goals.

PRIMARY RESPONSIBILITIES / KEY RESULT AREAS

• Monitor and analyze security logs, system logs, and network traffic for security events.
• Assist various teams in configuring diverse devices for logging.
• Perform in-depth root cause investigation and analysis.
• Conduct incident response to security events and incidents.
• Address security concerns in a way that is consistent with applicable policies, plans, and processes.
• Analyze, triage, aggregate, escalate, and report on security events, including investigation of anomalous activity and responses to cyber incidents.
• Document security processes to create playbooks and other documentation based on best practices and policy.
• Research and suggest improvements for the corporate security posture.
• Present security-related material in meetings.
• Work to ensure assigned tasks and projects are completed on time.

COMPETENCIES

• Having good organizational skills and able to manage multiple tasks.
• A willingness to engage and coordinate with others in the Threat Management team.
• Employing good communication skills to coordinate with your team and others at SES.
• Having a willingness to dig into details and seemingly unglamorous tasks.
• Have strong logical analysis skills focused on details.
• Strong critical thinking/analytic skills, creativity, and a personal desire for quality.

QUALIFICATIONS & EXPERIENCE

• Must Have

• Two-year college degree in a technical field of study or equivalent work experience

• Technical knowledge and practical experience in networking, remote network access, network connected devices, network service software, and troubleshooting techniques.
• Experience working in a SOC or similar environment.
• Experience with reviewing IDS/IPS, EDR, firewall, OS, application, and other logs for security purposes.
• Competence in data sorting, manipulation, and correlation.
• Experience utilizing a Security Information and Event Management (SIEM) system to identify security issues for remediation, make rule modifications, make improvements in log handling, and perform data extraction for further analysis.
• Experience with threat and vulnerability management, penetration testing, vulnerability assessments, and vulnerability mitigation.

• Conduct comprehensive analysis of threat data obtained from proprietary and open-source threat intelligence resources for potential and known.

• Nice to Have

• Experience in the with using various aspects of enterprise security architecture including SIEMs, EDR, and similar software.

• Familiarity with a variety of OSes including Microsoft Windows, Linux, and network appliance operating systems.
• Experience manipulating data with Microsoft Excel and document writing in Microsoft Word.
• Knowledge of a scripting language such as BASH, PowerShell, Python, etc.
• One or more of the following security certifications: Security+, CEH, CYSA+, GCIA, GSEC, GCIA, GMON and GCDA.

SES and its Affiliated Companies are committed to providing fair and equal employment opportunities to all. We are an Equal Opportunity employer and will consider all qualified applicants for employment without regard to race, color, religion, gender, pregnancy, sex, sexual orientation, gender identity, national origin, age, genetic information, protected veteran status, disability, or any other basis protected by local, state, or federal law.

For more information on SES, click here.