JD for Business Systems Analyst 4 - 174780
Job Summary:
The Cybersecurity Operations Center (CSOC) Analyst will be responsible for security monitoring, tuning, detection, and incident response to protect information, Information Technology (IT), and Operational Technology (OT) infrastructure.
Job Responsibilities:
Provide security monitoring and incident response services supporting the mission to protect Lam and its customers' information assets
Identify and implement additional SIEM use cases
Act as a point of escalation for tier 1 CSOC security analysts in support of information security investigations to provide guidance and oversight on incident resolution and containment techniques
Actively participate in researching trends and current countermeasures for cyber security vulnerabilities, exploits, and other malicious activity
Act as a liaison between the CSOC and Incident Response Team
Assist in creation and maintenance of documentation for CSOC procedure and processes
Contribute to the development and improvement of security monitoring and incident response processes and solutions as required to support Lam's cyber security program
Explore opportunities for SOC maturity improvement and automation capabilities
Responsible for working in a 24x7 Cyber Security Operations Center environment
Minimum Qualifications:
Bachelor's degree or Advanced Degree in Computer Science, Information Technology, Cybersecurity, or related discipline
5+ years of experience in Information Security role
3+ years of Security Operations Center Experience
At least one of the following professional certifications required: Security+, CISSP, CISA, CISM, CEH, OSCP, GMON
Certifications preferred but not required: CCNA, Linux+, Azure Administrator, Azure Security Engineer
Required Knowledge/Skills
Solid foundation in technical domains such as: Networking, firewalls, systems administration, application development, cloud computing, and information security best practices
Knowledge in the areas of endpoint security, cloud security, network security, threat hunting, threat analysis, Digital Forensics and Incident Response (DFIR), and intrusion detection and intrusion prevention
Security monitoring experience with one or more SIEM technologies such as Azure Sentinel, Splunk, QRadar, etc.
Strong understanding of security incident management and response lifecycle
Strong verbal and written communication skills
A self-motivated person who can use creative, experience-driven investigation skills to solve problems
Nice to Have:
Hands on experience with Microsoft security technologies such as Microsoft Defender for Endpoint, Microsoft Cloud App Security, and Azure Sentinel
Experience with Kusto Query Language (KQL)
Experience with a scripting language (Python, Bash, PowerShell, etc.)
Last updated on Sep 6, 2022