We are seeking a Senior Security DevOps Engineer who will be responsible for a variety of objectives resulting in risk mitigation and remediation of internal and external security threats. This role performs advanced threat analysis, threat intelligence gathering and reporting, and incident response activities; improves the accuracy of security systems; improves existing processes; and works on Cybersecurity-focused projects.
Contract to hire
Onsite 2 days a week located in New York
Cybersecurity – Cyber Intelligence & Incident Response
- Responds to and remediates email, endpoint, threat intelligence, and network-based threats; provides forensic investigation and support.
- Provides after-hours support as needed for response activities.
- Integration experience.
- Collaborates with cross-divisional and Cybersecurity teams to continuously improve security capabilities and response to threats in the most efficient and effective manner.
- Assists with projects to implement advanced technologies to prevent & identify malicious behavior within cloud environments, networks, endpoints, and email technologies.
- Operates products such as SIEM, SOAR, threat intelligence platforms, advanced email protection, EDR, cloud security products, IDS/IPS, Zero Trust tooling, and other security technologies.
- Scripting experience.
- Implements and performs threat analysis utilizing industry standard frameworks (kill chain/diamond model) and techniques.
- Proposes and helps review security plans and policies to improve environmental security.
- Maintains and produces metrics, operational playbooks, process diagrams and documentation for the Cybersecurity program.
- AWS and/or Azure knowledge.
- Produces and distributes operational and tactical threat intelligence reports.
- Other duties may be assigned as needed to address new security threats facing the enterprise.
Ability to:
- Demonstrate great teamwork and partnership with internal teams for resolution of security-based issues.
- Perform Python programming tasks and understand programming in general.
- Perform security event correlation, triage, and analysis.
- Apply security threat intelligence while responding to and investigating security events or incidents.
- Identify when an application, network, system, or user has been compromised by an internal or external threat.
- Work on multiple projects to improve security capabilities.
- Exercise strong understanding of defense-in-depth security best practices.
- Apply security engineering and architecture concepts to best understand how to employ the most effective security monitoring, response, and threat reporting.
- Demonstrate effective communication of security issues and topics to management and others.
- Work well under pressure and within a fast-paced environment.
- Maintain operational guidelines and standards for Cybersecurity.