Information Security Analyst

Job Summary
We are seeking a highly skilled SOC Level 3 Analyst for the second shift who will proactively detect adversary activities within the network to identify threats before they achieve their objectives. The ideal candidate will possess strong expertise in log and network traffic analysis, coupled with a thorough understanding of the MITRE ATT&CK framework.

Responsibilities

• Collaborate as an integral member of the global IT security team, closely partnering with US-based SOC teams.

• Perform a variety of tasks in accordance with established departmental procedures and guidelines.

• Conduct both real-time and retrospective analyses using a comprehensive suite of security tools including Endpoint Protection, SIEM, Firewall, Endpoint Detection & Response (EDR), Intrusion Detection Systems (IDS), Email Gateways, Web Content Filtering, Network Detection & Response, and Identity Management systems.

• Execute incident response triage to assess suspected hosts for ongoing attacks and determine their scope and impact.

• Review and validate analyses performed by junior analysts, providing mentorship to foster their professional development.

• Stay abreast of the latest attacker tactics, techniques, and procedures (TTPs) to identify sophisticated threats within the network environment.

• Partner with SOC, Threat Intelligence, Incident Response, and Enterprise Security teams to support investigations and threat hunting initiatives.

• Identify gaps in network visibility and recommend effective solutions to enhance detection capabilities.

• Develop, maintain, and continuously improve playbooks, processes, and detection methods based on feedback from active investigations.

• Coordinate escalation processes involving advanced forensics, malware reverse-engineering, and further host investigations with third-party vendors as needed.

• Clearly communicate technical details of security incidents to business stakeholders and non-technical audiences.

• Perform additional responsibilities as assigned.

Experience and Education Requirements

• Typically requires a minimum of five years of hands-on technical experience in security across multiple platforms, operating systems, software, communication, and network protocols, or an equivalent combination of education and experience.

• Industry certifications such as CISSP, GCFA, GCIH, GCFE, or equivalent are preferred. A background in Computer Science or related discipline is also valuable.

Skills and Competencies

• Strong familiarity with SOC operations, including scheduling and the use of SIEM, SOAR, and DFIR tools.

• Comprehensive knowledge of the incident response lifecycle and cybersecurity best practices.

• Deep understanding of security policy development and enforcement.

• Well-versed in regulatory requirements (e.g., SOX, privacy regulations) and IT internal controls.

• Proven ability to drive cultural change and promote widespread adoption of information security principles within an organization.

• Excellent analytical and problem-solving capabilities.

• Strong communication and interpersonal skills, with the ability to work effectively across diverse teams including IT management, peers, and business stakeholders.

• Demonstrated project management skills to successfully complete technical initiatives.

• Advanced proficiency with Microsoft Office and other business software applications.

• Knowledge of the insurance industry is a plus.

Benefits

• Medical, vision, and dental insurance

• 401(k) retirement plan

• Additional benefits as applicable