Information Security Operations Analyst
Role details
Job location
Tech stack
Job description
As an analyst on our Security Analytics team, you will play a pivotal role in enhancing our organization's security posture. This role requires a blend of technical expertise, analytical skills, and a keen eye for detail. The Security Analytics team is a core function of the Cyber Fusion Center, part of BD Security Operations, responsible for proactively monitoring BD's attack surface and detecting active cyber threats. This proactive monitoring enables other Security Operations teams and associated stakeholders to drive remediation of identified risks.
- Coordinate with infrastructure teams in the testing, implementing, deploying, maintaining, reviewing, and administering of monitoring infrastructure.
- Develop content for monitoring infrastructure (SIEM, Netflow, etc.), including Use Cases, Dashboards, Reports, Rules, Filters, and Trends.
- Optimize data flows using aggregation, filters, etc.
- Develop, maintain, and disseminate documentation (Playbooks, SOPs, Work Instructions) required to effectively maintain controls effectiveness and demonstrate return on investment.
- Coordinate with Incident Response (IR), Threat Detection & Response (TDR), Threat Intelligence (TI), and Vulnerability Management (VM) analysts to manage and administer the updating of rules and signatures for monitoring business-critical systems and applications.
- Identify potential conflicts with the implementation of monitoring tools within the Security Analytics area of responsibility.
- Assist in identifying, prioritizing, and coordinating the monitoring of critical business infrastructure and key resources.
- Communicate technical information to non-technical audiences and advise staff on Cybersecurity issues and approaches.
Requirements
-
In-depth knowledge of security concepts such as cyber-attacks and techniques, threat vectors, risk management, incident management, etc.
-
Excellent analytical and problem-solving skills.
-
Ability to act independently and execute with limited information and ambiguity.
-
Detail-oriented with the ability to promptly assess logs for accuracy and consistency.
-
Strong interpersonal skills with the ability to influence others positively and effectively.
-
Ability to work in a team environment.
-
Excellent communication skills, both oral and written.
-
Previous experience in network monitoring platforms.
-
Proven ability to act independently and to execute with limited information and ambiguity.
-
Experience in developing content for monitoring infrastructure, including Use Cases, Dashboards, Reports, Rules, Filters, and Trends.
-
Preferred Certifications: CISSP, GIAC Practitioner certifications, etc.
-
In-depth knowledge of security concepts, cyber-attacks and techniques, threat vectors, risk management, and incident management.
-
Strong analytical, problem-solving, and interpersonal skills.
-
Excellent communication skills, both oral and written.
-
Ability to work effectively in a team environment and communicate technical information to non-technical audiences.