Job Title: Security Operations Analyst Opportunity in San Francisco, CA
Company: Ursus, Inc.
The Security Operations Analyst proactively manages security events and activities to reduce the impact of security incidents and system compromises. The successful candidate will provide security monitoring, threat analysis, trend analysis, troubleshooting of security device monitoring, and incident investigation using infrastructure and application logs from across the enterprise. In addition, the Security Analyst role will initiate and resolve security operation activities per procedures.
Monitor and analyze security events
Own and manage tickets from start to resolution
Research and identify key indicators of malicious activities on the network and end user workstations
Independently follow procedures to contain, analyze, and eradicate malicious activity
Document additional troubleshooting steps, turn-up processes, security analysis methods, and technical details for daily operational solutions for assigned security services portfolio.
Analyze a variety of application, network, and system security logs to determine the correct remediation actions and escalation paths for each incident.
Review industry and vendor security alerts for vulnerabilities and security issues. Work with Infrastructure team to create mitigation solutions based on vendor advisories.
Initiate escalation procedure to counteract potential threats/vulnerabilities
Experience working within a Security Operations Center or equivalent experience performing computer security incident detection & response activities
Experience with Security Information and Event Management (SIEM) tools
Previous experience troubleshooting day-to-day operational processes such as report generation, data verification, data correlation, etc.
Programming/scripting skills in at least one of the following: Python, Perl, PowerShell
Ability to effectively identify, analyze, and malware
Working knowledge of infrastructure security tools such as firewalls, network security monitoring (NSM), anti-malware, content management, OS hardening, etc.
Knowledge of common application/system vulnerabilities, threat actors and mitigations
Knowledge of both technical and operational network security fundamentals
Understanding of TCP/IP and common protocols (HTTPS, SSH, FTP, etc.)
Familiarity with OS X, Linux, and Windows systems
Excellent oral, written and documentation skills
Flexibility to participate in on-call rotation
Undergraduate degree required; B.S./B.A. Computer Science, Computer Engineering preferred
2+ years work experience
Experience with AWS