Description
The Security Operations Analyst will provide technical, administrative, and procedural support for the Firm's information security program to protect the confidentiality, integrity, and availability of information systems per the Firm's business objectives, regulatory requirements, and strategic goals.
Responsibilities:
- Provide Tier 2 technical and support services to the global organization on behalf of the Information Security Team
- Receive, process, and resolve tickets per defined SLA's
- Assist in the architecture, deployment, and ongoing support of key security systems necessary to protect Firm assets
- Understand Firm policies and standards and be capable of conveying those requirements to end users in a non-confrontational manner
- Critically assess current practices and provide feedback to management on improvement opportunities
- Report compliance failures to management for immediate remediation.
- Maintain assigned systems to ensure confidentiality, availability, integrity, and reliability, including the oversight of current and projected capacity, performance, and licensing
- Provide status reports and relevant metrics to the Security Operations Manager
- Contribute to the Firm's security-related information repositories and other marketing/awareness endeavours
- Participate in special projects as needed
- Liaise with the GSEC Engineering team as an advanced support participant for designated GSEC systems
- Actively participate in cross-training, and knowledge transfer opportunities with GSEC Engineering to obtain junior-level mastery of designated systems
Skills and Experience:
- Possess a Computer Science Bachelor’s Degree or substantially equivalent experience
- Strong Professional experience in information security focusing on security operations and technical support
- Special Requirements, Licenses, and Certifications (GSEC, GCIH, GCIA, GMON, Comptia CySa+; CISSP or SSCP desired)
- Experience with common security platforms such as antivirus, full disk encryption, two-factor authentication, PKI, and data leakage protection.
- Deep understanding of TCP/IP, DNS, common network services, and other foundational topics
- Intermediate knowledge of server, workstation, and Active Directory technologies that impact security controls
- Ability to gather and analyze facts, conclude, define problems, and suggest solutions
- Maintain critical thinking and composure under pressure
- Strong written and oral communication skills. Ability to convey complex concepts to non-technical constituents. Proficiency in oral and written English
- Capable of assisting with the preparation of internal training materials and documentation
- Ability to be productive and maintain focus without direct supervision
- Passionate in the practice and pursuit of customer service excellence
- Willing to accommodate shift-based work for a global organization
- Provide exemplary customer service by striving for first-call resolution and demonstrating empathy, respect, professionalism, and expertise
- Strong analytical and troubleshooting skills including a thorough understanding of how to interpret users’ questions and issues, and the ability to resolve these issues in the context of organizational policies, standards, and other requirements
- Demonstrated productive participation in the implementation of industry best practices around IT service delivery and quality, problem management (Ishikawa, 5 Whys, Kepner Tregoe), risk management, continuous improvement
- Experienced in dealing with Tier 2 customer issues and willing to assume responsibilities consistent with a subject matter expert within the Security Operations group. Such responsibilities will include but are not limited to, root cause determination, developing remediation plans in concert with vendors and other internal constituents, implementing those remediation plans to prevent a recurrence, and updating playbooks and KB's
- Experience with security operations response procedures and practices, including the use of security orchestration tools and ticketing systems, and handling threats (malware behavior and persistence), attacks, and vulnerabilities