Senior SailPoint Operations Analyst
The role of the Security & Infrastructure Analyst is responsible for configuration and management of our security tools, SIEM/SOAR platform, and runbooks. The role will also assist with Threat Hunting activities and will serve as an escalation point from the SOC for Incident Response. The ideal candidate will be self-directed and able to work effectively in a diverse team environment with little to no direct supervision.
ESSENTIAL DUTIES AND RESPONSIBILITIES:
Assist in the configuration and maintenance of security tools and applications used within our infrastructure.
Assist with Cyber Incident Response for events discovered through daily operations.
Review asset discovery and vulnerability assessment data and explore ways to identify stealthy threats that may have found their way inside the network without detection, using the latest threat intelligence.
Automate security-related tasks using scripts, runbooks and SOAR platforms.
Support the evaluation and implementation of security products/services.
Offer subject matter expertise and guidance to Desktop Support Technicians on endpoint protection technologies and malware remediation.
Routinely provide after-hours on-call support for critical systems, as well as emergency response and support for computer and network cyber incidents.
Engage in continuous tool improvement, process improvement and documentation activities to further enhance the Organization’s security posture.
Assist security engineers and systems developers in the identification and implementation of appropriate information security functionality to ensure uniform application of organizational security policy and enterprise solutions.
Stay current on security trends and industry best practices; provide input and recommendations based on research.
Perform other related duties as assigned in accordance with qualifications.
Provide operational and functional security metrics.
KNOWLEDGE / SKILLS REQUIRED:
Excellent understanding of Vulnerability Management Lifecycle, Cyber Kill Chain, Cloud Kill Chain, FFIEC CAT, NIST CSF, ISO2700 and PCI.
Can perform root-cause analysis during a security event.
Comfortable with Python, Perl, C#, Java or another OOP language.
Some forensics knowledge is preferred but not required.
Comfortable using data visualization tools or willing to learn.
Good understanding of server-client computing environments.
Strong understanding of firewalls, the OSI model and networking concepts.
Excellent written and verbal communication skills, along with the ability to absorb and present large amounts of detail through various forms of communication to any level of Business Users, IT Management or technical roles.
A minimum of 3 years of combined experience in information security, information technology and related services and management. Experience in the FinTech or Financial Services industry is a plus.
Experience on small-to-medium, complex projects that have state and/or enterprise-wide impact and require subject matter expertise of process improvement areas and process improvement tools.
EDUCATION / CERTIFICATIONS REQUIRED:
Bachelor’s degree from an accredited college or university, or equivalent experience. A degree in Computer Science, Computer/Data Systems Management or a related field or discipline is preferred.
Certification in one or more of the following areas is desired but not required: Certified Information Security Professional (CISSP), GIAC Security Essentials Certification (GSEC), Certified Ethical Hacker (CEH), CompTIA Security+, CompTIA Network+, Microsoft Certified Solutions Expert (MCSE), Cisco CCNA and/or CCNP.