Sr. Cybersecurity Operations Analyst

Atlas Air, Inc
Greenwich, United States of America
2 days ago

Role details

Contract type
Permanent contract
Employment type
Full-time (> 32 hours)
Working hours
Shift work
Languages
English
Experience level
Senior
Compensation
$ 183K

Job location

Greenwich, United States of America

Tech stack

Microsoft Windows
Amazon Web Services (AWS)
Software System Penetration Testing
Azure
Capability Maturity Model
Cloud Computing Security
Computer Security
Query Languages
Linux
Identity and Access Management
Microsoft Security Essentials
Citrix Systems
Kusto Query Language
SharePoint
Security Information and Event Management
Software Vulnerability Management
Web Applications
Google Cloud Platform
Office365
SC Clearance
Information Technology
Cybercrime
Palo Alto Networks
CIS Benchmarks
Cyber Warfare
Burpsuite
Cisco networks
Vulnerability Analysis

Job description

This position is responsible for cybersecurity operations and defense, including threat assessment, incident handling, and managing vulnerabilities against the Atlas Air Global Technology environment. This position will be responsible for security event monitoring, vulnerability assessments, web application penetration tests, integrity checking, and maintaining necessary standards, controls, and procedures. Here is what you will do:

Cyber Defense

  • Design, implement, and leverage advanced detections using SIEM and SOAR technology

  • Develop innovative custom detection rules and automated remediation, playbooks, and alerts tailored to the organization's threat landscape for enterprise and customer security.

  • Leverage industry standard MITRE frameworks to identify detection coverage and address gaps.

  • Evaluate, validate, tune, and sunset detection capabilities to optimize Alert to Incident ratio

  • Maintain operational playbooks and workbooks to improve security detection and response

  • Participate directly in the security incident response process and effectively contribute to the containment and eradication of threats and recovery of technology from cybersecurity incidents.

  • Monitor multiple sources of incident reporting (mailboxes, hotlines, external sources) and optimize response times through automated routines

  • Propose and define new SIEM content and monitoring use cases as needed upon emergence of new applications, threats, and policies.

  • Monitor and resolve security alerts from the SIEM and other security systems, as well as those escalated by the MSV providing SOC services, for potential threats and compliance issues.

  • Improve detection systems for performance, scalability, and cost effectiveness.

Threat/Vulnerability Management

  • Conduct threat modeling to proactively identify and address security risks before exploitation.
  • Perform security evaluations on hybrid cloud environment and recommend prioritized actions
  • Perform attack simulation testing to validate efficacy of use cases and purple teaming exercise
  • Monitor industry security advisories and prioritize advancing threats and recommend mitigations
  • Coordinate with System Operations on vulnerability patching cycles to reduce mean time to remediate significant vulnerabilities
  • Guide the organization on security best practices and promote a security minded company culture

Requirements

Do you have experience in Windows support?
Do you have a Bachelor's degree?

  • 5+ years' experience in Security Operations or related IT operational roles.

  • Hands-on experience with relevant Technology Environment and Security Tooling including:

  • Security monitoring and incident response (Microsoft Defender and Sentinel)
  • Vulnerability management tools and processes (Tenable, Burp Suite, CSPM, ManageEngine)
  • Endpoint, network, and identity security controls (Defender, Cisco, Citrix, Palo Alto)
  • Microsoft Windows Administration (AD/Azure AD, Entra ID, Exchange, SharePoint, etc.)
  • Cloud security operations (AWS, GCP, Azure, O365)
  • Windows and Linux operating systems
  • Demonstrable experience analyzing security events, identifying suspicious activity, handling incidents, and responding effectively to threats in a hybrid environment
  • Working knowledge of common attack techniques targeting multi-national organizations and aviation, and of translating them to TTPs from MITRE ATT&CK.
  • Experience developing detection logic and threat hunting queries using Microsoft KQL, or similar query languages
  • Deep understanding of applicable security requirements for DISA STIG, Cloud Security Requirements Guide, and CIS Benchmarks and ability to effectively advise in tailoring for specific business needs.
  • Ability to work effectively in a government regulated organization including familiarity with NIST 800-53 Revision 5 and Capability Maturity Model
  • CISSP or GIAC (GSEC, GCIA, GCFA, GCIH, GCWN) or similar certification strongly desired.
  • Ability to work overtime during critical peaks, be available to meet last minute requests for overtime
  • Ability to work both independently and as part of a team in a dynamic environment
  • Ability to obtain Microsoft Security Operations Analyst Certification SC-200 within one year of hire
  • Ability to acquire and maintain Top Secret or Secret clearance as required
  • S. Degree in Computer Science or related field.

Benefits & conditions

3.4 out of 5 stars. Greenwich, CT. $135,500 - $183,000 a year

About the company

Join Atlas Air Worldwide. Move the World with Us! At Atlas Air Worldwide, we're not just an airline, we're a global engine powering cargo, passenger, and leasing operations across more than 70 countries. As a leader in outsourced aviation logistics, we're built on a foundation of safety, service excellence, integrity, innovation, teamwork, and responsibility. With over 30 years of history, a modern all-Boeing fleet, and nearly 5,000 teammates collaborating across operations, technical, and corporate functions, we're driven by purpose.

At Atlas Air Worldwide, we believe in the power of people, the promise of innovation, and the responsibility we hold to each other, to our customers, and to the planet. Join us and be part of a team that lifts more than cargo; we lift ambition.
