This position functions as a Security Operations Center Analyst who reviews alerts and other log data with the intention of identifying trends and patterns that could represent threat actions against the organization. The individual will be responsible for following procedures to handle any identified incidents. Drawing on their security expertise, the individual will also work as an internal consultant to help promote secure best practices within the organization and train personnel with regard to safeguarding sensitive information.
- Primary responsibilities involve monitoring and tuning the Data Leak Prevention product under the direction of the Data Security Lead Analyst.
- For all events flowing through the centralized Security Information and Event Management system, monitor and tune the alerts to provide the situational awareness the organization needs to detect threat events.
- Under the direction of the Information Security Manager, operate the incident response plan and track the status and outcome of each incident.
- Produce and report incident response metrics.
- Feed relevant statistics concerning incident response into the Information Security dashboard and scorecard.
- CISSP, GIAC Security Essentials (GSEC), or equivalent certification.
- GIAC Certified Incident Handler (GCIH) preferred.
- At least 4 years of experience in a dedicated information security role.
- Insurance industry experience in life, health and annuity a plus.
- Experience working within a Security Operations Center or Network Operations Center environment.
- Ability to concentrate on analyzing large volumes of data, and connect disparate information to logical conclusions.
- Excellent verbal and written skills; experience summarizing incidents into formal reports.
- Self-motivated, and capable of staying on task while reviewing large volumes of information.
- Experience with SIEM / log aggregation technology.
- Familiarity with network, server, firewall, application firewall, and/or intrusion prevention alerts.