IT Information Security Analyst @ BCD Travel

Job Description

Job Title Information Security Operations Analyst Main Purpose The Information Security (InfoSec) Operations Analyst will be a critical member of the Information Security Operations team responsible for operational security activities and support for multi-vendor security platforms. You will actively investigate threat actor activity, malware infections, living off the land attacks, as well as a variety of other security incident. This role is instrumental to ensure the protection of Markens data. The InfoSec Operations Analyst will be responsible for monitoring the safety and security of employees and assets throughout our global footprint. Analysts use a variety of tools and platforms to conduct operational oversight across the world. Coordinating, alarm responses, physical security, surveillance cameras, incident investigation, readiness audits, technical failures, facilities issues, and emergency responses. The InfoSec Operations team will also monitor open-source media and. business intelligence sources to detect any potential threats and/or conditions that could adversely impact client operations, assets, and personnel. Main Duties And Responsibilities Review security-related events and assess their risk and validity based on available telemetry from network, endpoint, and global threat intelligence information to provide management concise, detailed, and well-written incident reports, root causes identification, and remediation efforts. Use experience gained during incident investigations as well as malware and exploit analysis to contribute to the development of indicators of compromise. Work closely with industry peers to share knowledge surrounding threats identified. Act as first point of coordination for escalations coming directly from employees via chat or tickets and ensure response within agreed SLAs. Develop and implement standard technical procedures (runbooks) to be used by the team for the day to day operations. Identify process automation opportunities and work independently or with vendors to implement them. Monitor and analyze data flow to identify and block malicious behavior and activities Oversee detection and assessment of, reporting upon, and general response to information security incidents. Provide timely, detailed, and complete reports on security events and incidents to leadership and client executive stakeholders. Lead investigations towards identifying root cause for security events, evaluating anomalous activity, and tuning for frequent false positives. Manage/enhance in-scope security platforms and work towards expanding and maturing our SIEM analytics platform to identify, correlate and enrich threat events across our environment. Anticipate new security threats and stay-up to date with evolving infrastructures InfoSec Operations Analyst may also be involved in various deliverables such as Threat Hunting, Security Auditing, Penetration Testing (Internal & External), Compliance auditing and implementation, among other duties, under the guidance of the Head of Information Security. Requirements Significant experience with and strong understanding of: Two (2) or more of the following operating systems (Windows, Linux, Mac OS) at a filesystem level. Fundamental Internet protocols, services and technologies (e.g. HTTP/HTTPS, DNS, SMTP, SSH, LDAP, TCP/IP, UDP, ICMP, JSON, REST, etc.) Common security controls (e.g. firewalls, proxies, IDS/IPS, WAF, etc.) Experience With And Strong Understanding Of Performing both endpoint and network-based investigations. Reviewing logs to identify evidence of past intrusions. Pivot off indicators within networks to identify the scope and breadth of attacks. Malware and exploit kit functionality. Operating system and application exploits. Lateral movement, living-off-the-land, and persistence establishment mechanisms. Detection of anomalous system activity. Threat hunting methodologies. Incident response and incident handling processes. Skills and/or abilities required to perform the essential functions of the job: Ability to research and characterize security threats including creating appropriate countermeasures. Strong technical communication skills, both written and verbal. Attention to detail and great organizational and time management skills. Excellent problem-solving skills that would allow for the ability to diagnose and troubleshoot technical issues. Client-focused with a passion for delivering service excellence. Strong sense of urgency and ability to work under pressure. Possess high standard of integrity and confidentiality. Qualifications 3+ years of relevant experience or equivalent combination of education and work experience. Completion of a Bachelors degree or equivalent program in Computer Science, Network Security, Information Security or other applicable field and 3+ years of work experience in the field. Preferred Qualifications Industry certification from vendors: ISC2, GIAC, EC-Council, Cisco, Juniper, CompTIA, ITIL, Unix, Microsoft, Oracle, etc. Ability to write scripts to automate new and existing tasks EEO and Veteran Employer Marken is a wholly owned subsidiary of UPS and is a critical part of UPS Healthcare. Marken offers a state-of-the-art GMP-compliant depot network and logistic hubs for clinical drug product storage and distribution worldwide and supports cell and gene therapy logistics services from clinical to commercial, while maintaining the leading position for Direct-to-Patient and Home Healthcare services, biological sample shipments and biological kit production

Employement Category:

Employement Type: Full time
Industry: Others
Role Category: Others
Functional Area: Not Applicable
Role/Responsibilies: IT Information Security Analyst

+ View Contact

Keyskills:   Penetration Testing Compliance auditing Endpoint networkbased investigations Reviewing logs Malware exploit analysis Incident response Threat hunting methodologies Security Auditing Strong technical communication Problemsolving skills