SES
Senior Insider Threat Security Analyst
ROLE DESCRIPTION SUMMARY
SES's Senior Insider Threat Security Analyst focuses on advancing SES's Information Security threat and compliance program through security monitoring, threat & vulnerability management, and delivering professional reports including findings and recommendations. The Senior Insider Threat Security Analyst is expected to be fully aware of the enterprise's security goals as established by its policies, procedures, and guidelines, and to actively work towards upholding those goals.
PRIMARY RESPONSIBILITIES / KEY RESULT AREAS
Lead incident response to Insider security events and incidents.
Perform correlation and trend analysis of security logs, network traffic, security alerts, events, and incidents. Conduct in-depth root cause analysis and gather information prior to escalation for future analysis. Handle events and incidents in accordance with applicable plans and processes.
Analyze, triage, escalate, and report on Insider security events, including investigation of anomalous network activity and response to cyber incidents within the network environment.
Continuously monitor security technologies/tools and network traffic, acting on security alerts generated, parsed, triggered, or observed on in-scope networks, systems, or security technologies.
Rapidly assess network traffic, detect data anomalies, and provide detailed reports.
Handle insider threat events and incidents in line with established plans and processes. Integrate activities with standard reports, such as Insider security metrics reports.
Lead team and technical meetings relevant to this area of responsibility.
Ensure tasks and projects are completed on schedule.
COMPETENCIES
Strong organizational skills and ability to manage multiple tasks concurrently while maintaining focus.
Understanding of current attack tools, tactics, procedures, and mitigation strategies.
Strong critical thinking, analytical skills, creativity, and a drive for quality.
QUALIFICATIONS & EXPERIENCE
Must Have
Four-year college degree in a technical field or equivalent work experience.
Technical knowledge in networks, network topologies, remote access, servers, software, and troubleshooting.
Experience working in a SOC or similar environment.
Experience reviewing IDS/IPS, EDR, Firewall, and other security logs.
Experience with SIEM monitoring, analysis, and rule tuning.
Ability to analyze insider threat data from security tools and recommend optimizations.
Nice to Have
Experience in enterprise security architecture planning and implementation.
Experience with Insider threat management tools and teams.
Security certifications such as Security+, CEH, CySA+, GCIA, GSEC, GMON, or GCDA.