Security Operations, Security Analyst III
Company: The Standard
Location: Portland
Posted on: January 27, 2023
Job Description:
Posted Date: 2023-01-01
Req ID: REQ003023
About Us: The Standard is a family of companies dedicated to
helping its customers achieve financial well-being and peace of
mind. In business since 1906, we're a leading provider of group and
individual disability insurance, group life, dental and vision
insurance, voluntary (employee-paid) benefits, absence management
services, and retirement plans and annuities for employers and
individuals. For more information about The Standard, visit
www.standard.com or follow us on Facebook, Twitter or LinkedIn.
Description: At The Standard, you'll join a team focused on putting
our customers first.
Our continued success is driven by a high-performance culture.
We're looking for people who are collaborative, accountable,
creative, agile and are driven by a passion for doing what's right
- across the company and in our local communities.
We offer a caring culture where you can make a real difference,
every day.
Ready to reach your highest potential? Let's work together.
Our dynamic Security Operations (SecOps) team is made up of a range
of experienced security analysts with a broad range of skills. As a
SecOps Analyst on our team, you can expect to be working in a
dynamic and rapidly changing environment. Our team provides
monitoring and detection capabilities using some of the latest
security platforms to achieve that goal. Incident detection and
response, analysis, investigation, threat hunting, Red Teaming,
detection engineering, and vulnerability management are all
components of our team's mission and goals.
The Analyst III position is a key contributor to our team's
success. Collaboration and teamwork are essential. Great
communications skills and self-directed leadership are key traits.
You should be comfortable with applying logical thinking and
deductive reasoning as you work to contain incidents and eventually
get down to the root causes.
What You'll Do:
Perform detection engineering on several different platforms
utilized in support of the SecOps mission
Leverage diverse analysis skills to solve complex problems related
to
Work as part of a team to solve complex investigations and to
perform timely incident analysis
Collaborate across business units to assist with incident response
and to offer services that support our business goals as they
pertain to Information Security
Be a problem solver that works to understand the "who, why, what,
when, and where" of problems, thereby getting to the root causes
and to eventual solutions
Work alongside technical IT teams in incident management scenarios
acting in the role of key contributor to guide the team through the
response process using defined plans and standard operating
procedures
Use your varied skills to help tune and optimize our security
controls to achieve a high level of detection and/or prevention
Assist in determining the direction of current and future tactics
and strategies for the SecOps team
Coordinate the efforts for analysis and investigation into internal
events that are identified using UBA. Take these investigations and
work across business units acting in a key consulting role helping
them to correctly interpret the data so they can make informed
decisions
Who We Want:
The candidate will be able to process various streams of data and
pull them into a logical framework, applying both investigation
theory and hypothesis-driven analysis to reach accurate conclusions
that support incident response decisions. This is a great
opportunity to work collaboratively with a skilled SecOps team whose
members enjoy what they do and are all growing their careers.
Diverse and comprehensive direct work experience related to general
IT systems like storage platforms, databases, networking, operating
systems, business applications, and email platforms which may all
be involved in the analysis of security incidents. Experience with
direct work in these IT systems should be in the range of 4+
years.
An effective communicator who is team focused and personally driven
to excellence in every task you work on
Ability to demonstrate what constitutes investigation theory as it
relates to incident investigation and analysis and apply this to
the traditional kill chain model
Demonstrated competence utilizing security tools to gather,
analyze, triage, and escalate potential threat risks
Possess the ability to manage multiple work streams while staying
focused on delivering the results needed to achieve planning
goals
Specific experience related to Security Operations, with
demonstrated work experience of 2+ years in detection engineering,
SOC platforms and incident response
Demonstrated knowledge of the methods used in malicious threat
activity (e.g., insider threat, fraud, theft, sabotage, espionage)
as applied to behavior-based threat hunting
Proven, demonstrable experience with how the various incident
process flows work and which platforms typically handle each of the
analysis, collection, detection, and response stages of incident
response
2-3 years of direct work experience working in cloud environments
with security operations detection and monitoring tools (IDS, SIEM,
EDR, SOAR)
Experience that goes beyond training and general knowledge with
scripting languages (e.g., Regex, Python, Ansible, JavaScript,
PowerShell and similar) that may be used by the SOC to automate
repetitive analysis and repeatable tasks
Experience with developing custom IOCs in platforms like EDR and
SIEM
A dynamic communicator who can coordinate with stakeholders to tune
and improve detection capabilities or to aid in investigations or
respond to incidents
Strong Candidates Will Have Experience relevant to:
A clear understanding of the MITRE ATT&CK framework and how to
apply this to incident monitoring, incident response, and threat
hunting. The ability to articulate how to apply this framework to
the monitoring and detection disciplines used by the SOC.
Relevant certifications for this position are SANS GSOC, GSEC, GCIH
and/or GCIA; ISC2 SSCP and/or CISSP; OSCP; and/or Azure
certifications
A clear and concise communicator with the ability to document
processes, produce lucid reports, evaluate and write procedures,
and draft incident playbooks
Evaluate current and emerging attacks, assess how a malicious actor
might carry them out, and propose how to configure tools and
platforms for monitoring and detection to mitigate the risk
Experience working with remote teams using remote collaboration
tools
The use of Security Orchestration, Automation and Response
platforms (playbook building, tuning, analysis, automation
development)
HS Diploma or GED is required.
#LI-Remote
Note: The Standard is required to provide a reasonable estimate of
the salary for this role when hiring a Colorado resident. The
salary for employees working in Colorado in this role is listed
below. The Standard's package also includes incentive plan
participation and comprehensive benefits including medical, dental,
vision, retirement, and paid time off.
Please note, eligibility to participate in an incentive program is
subject to the rules governing the program and plan. Any award
depends on various factors, including individual and organizational
performance.
Salary Range:
$88,250.00 - $150,000.00
Standard Insurance Company, The Standard Life Insurance Company of
New York, Standard Retirement Services, Inc., StanCorp Equities,
Inc. and StanCorp Investment Advisers, Inc., marketed as The
Standard, are Affirmative Action/Equal Opportunity employers. All
qualified applicants will receive consideration for employment
without regard to race, religion, color, sex, national origin,
gender, sexual orientation, age, disability, or veteran status or
any other condition protected by federal, state or local law. The
Standard offers a drug and alcohol free work environment where
possession, manufacture, transfer, offer, use of or being impaired
by an illegal substance while on Standard property, or in other
cases which the company believes might affect operations, safety or
reputation of the company is prohibited. The Standard requires a
criminal background investigation, drug test, employment, education
and licensing verification as a condition of employment. All
employees of The Standard must be bondable.