GIS Senior Security Analyst
Location: Santa Monica, California
Posted: July 19, 2017
Reference: LEG00004L
The Global Information Security Senior Analyst is a highly technical role: an in-house subject matter expert who diligently assists with the improvement of information security across the organization by understanding the threats it faces. Primary responsibilities include, but are not limited to: intrusion analysis, incident handling, digital forensics, developing thorough incident reports, mentoring, and technical security research. Remote work is possible, with a preference for working out of Santa Monica, California.

This position will be responsible for leveraging security related data from internal 'sensors' (e.g. SIEM, firewalls, IDS, routers, proxies, hosts etc.) and external sources (vendors, industry working groups, law enforcement etc.) in an effort to implement effective mitigations, and reviewing appropriate data sources for indications of adversarial activity.
This role reports into the Global Information Security team and maintains strong relations with all Line of Business technology groups. This person will work closely with a number of key individuals and teams to investigate and forensically examine potentially compromised systems, as well as to identify, alert on, respond to, and mitigate computer security incidents.

Responsibilities include, but are not limited to:

  • Assists with incident management response and analysis services on behalf of the Information Security function as a primary member of the computer security incident response team (CSIRT), including Tier 1 through 3 analysis for the full scope and lifecycle of incident response (i.e. identification through closure including post-mortem and lessons learned) following industry established best practices in addition to being in accordance with Company-specific policies and standards
  • Respond to emerging threats such as APT and other forms of targeted attacks, organized crime, etc.
  • Perform detailed forensic analysis of assets, including logs, malware samples, hard drive images, etc.
  • Reconstruct events of a compromise by creating a timeline via correlation of forensic data
  • Malware analysis and other attack analysis to extract indicators of compromise.
  • Reviewing audit trails for unauthorized access attempts or other information security violations
  • Conduct root cause analysis to identify gaps and make recommendations that ultimately remediate risks
  • Analyze previously unknown malware utilizing static and dynamic methods to determine its behavior and impact on endpoints as well as build a list of indicators of compromise
  • Expectation of off-hours support, responsiveness and availability in response to security related incidents, material developments which could create risk to the Company, known threats etc.
  • Communicate effectively with representatives of the Lines of Business, technology specialists, and vendors.

Some international travel required

Qualifications:

  • Demonstrated continued independent involvement within cyber security-specific communities at any scale (e.g., groups, organizations, conferences) or equivalent activity that seeks to maintain small and large scale awareness of major security topics and events (Globally) preferred
  • Demonstrated exceptional passion and drive for cyber security as evidenced by self-driven past accomplishments that had significant positive impact to shareholders preferred
  • Strong host and network based forensics skills.
  • Coding (scripting) experience, e.g. Perl, VBScript, Python, etc.
  • Effective technical skills to understand the ramifications of various system security recommendations and decisions
  • Experience conducting detailed log analysis and correlation
  • Hands-on malware analysis experience, both dynamic and static.
  • Good understanding of SIEMs and similar technologies
  • Knowledge of industry good practice for foundational security elements including network device and system-level hardening.
  • Ability to assess security incidents quickly and effectively and communicate a course of action to respond to the security incident while mitigating risk and limiting the operational and reputational impact
  • Excellent oral/written communication, problem solving and analytical skills
  • Ability to work independently and as part of a team to achieve desired objectives and project results
  • Ability to interface effectively and decisively with all levels of management, departments and outside vendors.
  • Ability to identify both tactical and strategic solutions.

A little about us:
We are lucky to work in a business where imagination, creativity, and play aren't only encouraged, they're required.
