Position Purpose:
The Cybersecurity Analyst role at company is pivotal in fortifying the cybersecurity posture of our business customers through expert management of SOC Level 3 activities and comprehensive email hygiene practices. The position entails conducting advanced threat investigations, refining threat detection mechanisms, and ensuring robust incident response capabilities to prevent and address cyber threats. By proactively managing the organization's digital footprint and collaborating with threat intelligence teams, the successful candidate will play a crucial role in mitigating risks and safeguarding the company's information assets in cyberspace.
Key Responsibilities:
- Lead Level 3 SOC escalations by performing comprehensive investigations of advanced cybersecurity threats, alerts, and incidents to enhance the company’s threat response capabilities.
- Develop and optimize Security Information and Event Management (SIEM) rules, playbooks, and threat detection mechanisms to improve proactive monitoring and defense strategies across the organization’s networks.
- Conduct thorough root cause analyses of critical security incidents, offering data-driven recommendations to prevent recurrence and strengthen the organization’s overall security posture.
- Support incident response activities through effective containment, eradication, and recovery efforts, ensuring rapid and efficient resolution of cybersecurity incidents.
- Manage and enhance email security platforms to safeguard against phishing, malware, and advanced cyber threats, implementing preventative measures and optimizing email hygiene practices.
- Monitor and mitigate the organization’s digital footprint in cyberspace, identifying potential vulnerabilities and threats from external sources, including social media and the dark web.
- Collaborate with cross-functional teams, including threat intelligence and incident response units, to incorporate relevant threat data into operational workflows and improve collective security measures.
- Work with stakeholders to address risks associated with exposed or sensitive data in public-facing domains, ensuring proactive measures are in place to protect against data exploitation.
Direct Manager / Direct Reports:
Reporting Structure:
The Cybersecurity Analyst will report directly to the Cybersecurity Manager within the company. This position does not carry supervisory responsibilities, and there are no direct reports for this role. The role is integral to supporting the Cyber Operations team’s mission in safeguarding the organization’s digital assets and enhancing threat detection, response, and mitigation capabilities.
Travel Requirements:
The Cybersecurity Analyst role at the company may require occasional travel to various company locations across the United States for purposes of security audits, team collaboration, and advanced threat investigation, not to exceed 20% of the work schedule.
Physical Requirements:
The physical demands for the Cybersecurity Analyst position are typical of those required in an office-based environment. The role involves prolonged periods of sitting and working on a computer, as well as occasional standing, walking, and reaching to retrieve or file documents and materials. The ability to communicate effectively using both verbal and written forms is essential for this position, as is the capability to read and analyze data displayed on computer screens and printed materials.
The role may also entail the occasional need to lift and transport equipment or materials weighing up to 25 pounds. Reasonable accommodations will be made to enable individuals with disabilities to perform these essential functions, ensuring equal access to employment opportunities and a supportive work environment. Candidates requiring specific adjustments are encouraged to communicate their needs to our Human Resources department.
Working Conditions:
The working conditions for the Cybersecurity Analyst at the company reflect a dynamic and collaborative environment centered in our corporate office located at 7440 S. Hwy 121, McKinney, TX 75070. This is an onsite position, where the successful candidate will engage in a fast-paced and deadline-driven atmosphere, designed to tackle complex cybersecurity challenges with precision and efficacy. The role demands a high level of adaptability and responsiveness, as it involves critical SOC Level 3 operations requiring thorough investigations and timely interventions. The office is equipped to support an engaging and progressive work culture that values teamwork, technical excellence, and strategic thinking in managing cybersecurity operations and safeguarding our digital landscape.
Minimum Qualifications:
- Education & Experience:
  - Bachelor’s degree in Cybersecurity, Computer Science, or a related field, or equivalent professional experience.
  - Demonstrable experience in managing advanced cyber incidents and supporting Incident Response (IR) teams.
- Technical Proficiencies:
  - Robust understanding of email security protocols, including SPF, DKIM, and DMARC.
  - Proficiency in email security platforms such as Proofpoint, Mimecast, or Microsoft Defender.
- Skill Set:
  - Expertise in analyzing and interpreting security threats and patterns.
  - Strong analytical thinking and problem-solving abilities, capable of addressing complex cybersecurity challenges.
  - Strong communication skills, with the capacity to articulate technical concepts effectively to non-technical stakeholders.
  - Ability to collaborate efficiently within a team as well as independently tackle intricate problems.
This position requires a proactive approach to enhancing threat detection, response, and mitigation capabilities within our Cyber Operations team. The candidate will be instrumental in managing the organization’s cybersecurity posture, particularly focusing on Level 3 Security Operations Center (SOC) tasks and email security.
Preferred Qualifications:
1. Advanced Technical Certifications:
- Possession of industry-recognized certifications such as Certified Information Systems Security Professional (CISSP), Certified Ethical Hacker (CEH), or Certified Information Security Manager (CISM), which demonstrate proficiency in the field of cybersecurity.
2. Specialized Experience in Threat Intelligence:
- Proven track record of effectively integrating threat intelligence data into security operations to enhance the organization’s proactive threat detection and response strategies.
3. Expertise in Security Information and Event Management (SIEM) Tools:
- Extensive experience in configuring and optimizing leading SIEM platforms, such as Splunk, ArcSight, or QRadar, for advanced threat analytics and comprehensive security visibility.
4. Proficiency in Scripting and Automation:
- Competence in writing scripts in languages such as Python, PowerShell, or Bash to automate repetitive tasks, streamline security operations, and enhance incident response efficiencies.
5. In-depth Knowledge of Advanced Persistent Threats (APTs):
- Demonstrated ability to analyze and respond to sophisticated APTs, employing both strategic and tactical measures to safeguard enterprise environments against complex cyber threats.
6. Experience in Cloud Security:
- Familiarity with securing cloud platforms (e.g., AWS, Azure, Google Cloud) and understanding cloud-native security tools and practices to protect sensitive data and maintain regulatory compliance.
7. Project Management Skills:
- Ability to lead and execute cybersecurity projects that involve cross-functional teams, managing resources and timelines efficiently to achieve strategic security objectives.
8. Strong Analytical and Decision-Making Abilities:
- Ability to synthesize complex datasets and threat information, enabling timely decision-making that mitigates risks and enhances the security posture of the organization.
By incorporating these preferred qualifications, candidates will demonstrate a robust understanding and capability in addressing the dynamic challenges in cybersecurity, aligning with the company's commitment to maintaining the highest standards of digital protection and resilience.
Minimum Education:
A Bachelor's degree in Cybersecurity, Computer Science, or a related field, or equivalent experience, is required.
Preferred Education:
An advanced degree in Cybersecurity, Information Technology, or a closely related discipline is highly valued, further enhancing capabilities in threat detection and digital footprint management.
Minimum Years Of Work Experience:
Minimum of three years of relevant work experience in cybersecurity analysis, with demonstrated expertise in handling advanced cyber incidents and integrating threat intelligence into operational workflows.
Certifications:
Certified Information Systems Security Professional (CISSP) - Preferred
Certified Information Security Manager (CISM) - Preferred
Certified Ethical Hacker (CEH) - Preferred
GIAC Certified Incident Handler (GCIH) - Preferred
Possession of these certifications will enhance your candidacy, demonstrating a high level of proficiency and commitment to excellence in the dynamic field of cybersecurity.
Competencies:
1. Advanced Threat Detection and Incident Response:
Proficiency in identifying, analyzing, and responding to complex security threats and incidents, ensuring swift mitigation and recovery to maintain organizational integrity.
2. SIEM Configuration and Management:
Expertise in developing and optimizing Security Information and Event Management (SIEM) systems to enhance threat monitoring and improve detection capabilities through custom rule and playbook development.
3. Email Security and Hygiene Management:
Advanced knowledge in managing email security protocols and platforms, focusing on protection against phishing, malware, and business email compromise (BEC), alongside implementing robust email hygiene policies.
4. Digital Footprint Analysis and Risk Management:
Capability to monitor and secure the organization’s digital presence across various platforms, identifying vulnerabilities and implementing strategies to prevent data exploitation and unauthorized data exposure.
5. Interdepartmental Collaboration and Stakeholder Engagement:
Effective communication and partnership with internal teams and external stakeholders, ensuring a cohesive approach to cybersecurity threat intelligence integration and data protection strategies.
6. Analytical Thinking and Problem Solving:
Strong analytical skills to conduct root cause analysis on security incidents, providing innovative and actionable solutions to prevent the recurrence of similar threats and enhance security posture.
7. Communication of Technical Concepts:
Ability to convey complex technical information clearly and effectively to non-technical personnel, ensuring comprehensive understanding across the organization.
8. Autonomous and Collaborative Work Style:
Demonstrated ability to work independently in resolving complex security challenges, while also contributing effectively within a collaborative team environment to address and mitigate cyber threats.
Job Location: SRS Distribution - McKinney, 7440 State Highway 121, McKinney, TX 75070-3104
Competitive weekly/bi-weekly pay, discretionary bonuses, 401(k) with company match, Employee Stock Purchase Plan, paid time off (vacation, sick, volunteer, holidays, birthday, floating), medical/dental/vision, flexible spending accounts, company-paid life and short-term disability, plus optional long-term disability, and additional life insurance. All benefits subject to eligibility.
Should a Candidate be submitted to fill a position by a recruiting or staffing services agency (“Agency”), the Company has no obligation to pay the Agency any fee for submission, offer, placement or any service without a fully executed contract of service covering the engagement.