Senior Security Operations Analyst

S&P Global
in Richmond, VA
Permanent, Full time
Competitive
Grade (relevant for internal applicants only): 10

The Team:
The SOC team is responsible for the ongoing, operational component of enterprise information security. Security operations center staff consist primarily of security analysts who work together to detect, analyze, respond to, report on, and prevent cybersecurity incidents.

The Impact:
The S&P Global Security Operations Center (SOC) is the first line of defense for Information Security. Functioning as part of a global Cyber Defense team, the SOC reviews critical alerts, enhances security, investigates incidents, performs forensic analysis, and triages cyber events on an around-the-clock basis.

What's in it for you:
S&P Global is in the process of building a brand new global in-house security operations center. This is a unique and exciting opportunity to help build, and be part of, a new team, and to shape that team with your input.

Compensation/Benefits Information (US Applicants Only):
S&P Global states that the anticipated base salary range for this position is $68,300 to $141,800. In addition to base compensation, this role is eligible for an annual incentive bonus. This role is eligible to receive additional S&P Global benefits. For more information on the benefits we provide to our employees, visit https://www.spgbenefitessentials.com/newhires.

Responsibilities:
  • Monitor and respond to alerts generated by our enterprise security tools.
  • Triage issues escalated by the Cyber Defense team ensuring quick and appropriate follow-up actions are taken.
  • Develop and tune cybersecurity alerts and dashboards.
  • Triage and investigate cybersecurity alerts.
  • Improve our detection capabilities by building and enhancing alert rules and actively hunting for evidence of malicious activity.
  • Operate and maintain security tooling and platforms.
  • Develop and continually improve SOC playbooks to ensure we efficiently and effectively analyze and respond to security alerts.
  • Work closely with the Incident Response Team to ensure time sensitive actions are performed quickly and diligently.
  • Work on various internal projects/initiatives such as UAT and POC of new SOC tools, working cross functionally with other teams/departments as a stakeholder.
  • Provide ongoing mentoring and coaching to Tier I Analysts.
  • Perform whitelisting/filtering of false-positive signals.
  • Block malicious network traffic and isolate infected hosts on internal networks.
  • Work with the Security Automation team on developing cutting-edge security enhancements.
Basic Qualifications:
  • Relevant degree in Computer Science, IT Security, IT Management, IT Support, or related discipline is preferred.
  • 3+ years' full-time experience in a Security Operations Centre or similar Cyber Security Analysis role, excluding time spent on an intern or work experience program.
Preferred Qualifications:
  • Hands-on experience in at least one of the following security domains:
    • Network Security, including Intrusion Detection Systems (IDS).
    • Windows Endpoint Security, using EDR products such as VMware Carbon Black Response/Threat Hunter, CrowdStrike Falcon, SentinelOne or Microsoft Defender ATP.
    • SIEM/Log Management, with previous Splunk experience preferred.
  • Knowledge and experience of network and endpoint security technologies, including Snort/Suricata and packet capture (PCAP) analysis using Wireshark.
  • Windows system internals and knowledge of PowerShell.
  • Linux kernel and basic scripting (Bash/Python) knowledge.
  • Analytical mind with strong attention to detail and a commitment to quality of service.
  • Natural ability to thrive in a fast-paced and time-sensitive environment.
  • Strong understanding of cloud security fundamentals for platforms such as AWS and Microsoft.
At S&P Global, we don't give you intelligence: we give you essential intelligence. The essential intelligence you need to make decisions with conviction. We're the world's foremost provider of credit ratings, benchmarks and analytics in the global capital and commodity markets. Our divisions include S&P Global Ratings, S&P Global Market Intelligence, S&P Dow Jones Indices and S&P Global Platts. For more information, visit www.spglobal.com.

S&P Global is an equal opportunity employer committed to making all employment decisions without regard to race/ethnicity, sex, pregnancy, gender identity or expression, color, creed, religion, national origin, age, disability, marital status (including domestic partnerships and civil unions), sexual orientation, military veteran status, unemployment status, or any other basis prohibited by federal, state or local law. Only electronic job submissions will be considered for employment. If you need an accommodation during the application process due to a disability, please send an email to EEO.Compliance@spglobal.com and your request will be forwarded to the appropriate person.

The EEO is the Law Poster http://www.dol.gov/ofccp/regs/compliance/posters/pdf/eeopost.pdf describes discrimination protections under federal law.

20 - Professional (EEO-2 Job Categories-United States of America), IFTECH202.1 - Middle Professional Tier I (EEO Job Group)

Job ID: 259775
Posted On: 2021-03-09
Location: Richmond, Virginia, United States