Information Security Analyst (Level 2)
The Information Security Analyst will manage the end-to-end operational deployment, verification, incident handling and support of our Customers’ remote managed EventTracker SIEM solution. This is a technical operational role focused on delivering quality service to our customers.
- Provide operational and technical support to our Customers. (note, candidates will receive training on all EventTracker tool sets)
- Serve as shift leader and point of escalation for level 1 analysts.
- Oversee completion of day-to-day checklist(s), including: log review, management report scheduling & running, alert analysis, and escalation follow up activity status
- Manage security incident investigation and diagnosis (performs triage on incidents which are reported by the EventTracker SIEM tool to filter out false positives and known accepted activities)
- Validate incident containment and remediation recommendations provided to Customers.
- Ensure all unresolvable cases are passed to the correct team for action as appropriate
- Ensure high level of quality when managing tickets, requests and Customer queries
- Execute Customer on-boarding
- Capture requirements and prepare Customer EventTracker SIEM filter & tuning requests
- Prepare reports & distribute in readiness for Customer tuning calls
- Arrange & manage client calls (record outputs/actions appropriately)
- Create scheduled Customer reporting, from existing reports, where appropriate
- Maintain technical knowledge, tool proficiency, and system accesses, which allow you to perform the role
- Ensure documentation is maintained appropriately on Sharepoint & new documents are created/stored correctly
- Engage with Customers to build and maintain good, professional relationships
- Manage operational relationships with all relevant parties
- Responsible for the application of IT Security Policy, processes & procedures to mitigate risks to our Customers
- May be required to provide on call emergency support if required by the business.
- Bachelor’s degree in information systems or 2 year equivalent work experience in Network Security Systems & Operations.
- Qualified to degree level, or equivalent professional experience and/or with recognized technical/security qualifications.
- Relevant experience and understanding of Network Security Systems & Operations
- Understanding of system logging including both Security and non-security logs
- General knowledge of Linux/Unix and Microsoft Security Logging Policies
- General knowledge of Network Application Logs Especially Proxies, Web Application Firewalls, and Stateful Firewalls
- General knowledge of Syslog, SNMP, WMI and the benefits and limitations of each
- Knowledge of Security management, network and information security, and end user security.
- User level experience with UNIX/Linux systems
- Experience supporting one or more services within a Security Operations Center is a plus
- Excellent verbal and written communication skills with the ability to work effectively in a group setting. Consistent and proper communication to Customers, management, and team.
- Ability to partner with teams such as developers, vendors, analysts, and project managers.
Please submit your resume and a cover letter indicating the position for which you are applying to: firstname.lastname@example.org. We will contact you if your qualifications meet with our criteria.
Qualified applicants are considered for employment without regard to race, color, age, national origin, religion, marital status, sex, sexual orientation, gender identity, gender expression, genetics, disability, protected veteran status or any other basis prohibited by applicable law. Netsurion and EventTracker, a division of Netsurion, are equal opportunity employers.