Information Security Analyst - SecOps
About this Position
The Role:
As Information Security Analyst - SecOps, you will be responsible for securing and protecting our infrastructure, including managing and administering various security-related technologies, platforms, and tools. You'll also provide security expertise and guidance to the team on various security-related matters. This will support the implementation of the company security strategy, compliance and risk management plan.
Key Responsibilities:
Investigate alerts, triage, deep dive, and come up with proper action items and remediation plans.
Conduct investigation, containment, and other response activities with business stakeholders and groups.
Compose incident analysis and finding reports for management, including gap identification and recommendations for improvement.
Recommend or develop new detection logic and tune existing sensors/security controls.
Participate in security incident response through in-depth, technical (log, forensic, malware, packet) analysis.
Provide oversight of security alert detection and analysis capabilities across multiple technologies to ensure that security incidents are identified in a timely manner.
Escalate and support potential security incidents in line with appropriate processes.
Support communications of potential security incidents via multiple channels.
Participate in the response of potential security incidents by identifying and communicating relevant supplementary information.
Identify and analyze new and emerging threats to determine impacts to G-P and provide guidelines and recommendations pertaining to opportunities to strengthen G-P security posture.
Assist with information security due diligence requests as needed.
Provide security recommendations to other team members, management, and business stakeholders for solutions, enhancements to existing systems, and new security tools to help mitigate security vulnerabilities and automate repeatable tasks.
Monitor, secure, and optimize AWS environments using tools like GuardDuty, CloudTrail, and Security Hub, ensuring compliance with security standards.
Conduct security reviews, perform vulnerability assessments, recommend remediation actions, and manage security policies and access controls to monitor, protect, and govern data and applications across private and cloud environments.
What We Are Looking For:
Education: Bachelor’s Degree in Information Technology, Computer Science, Business, or Engineering required, or equivalent experience.
Experience: 5+ years of information security experience, preferably in the technology industry.
Hands-on security operations experience including interdisciplinary experience with two or more of the following: Cyber Threat Analysis, Incident Response, Application Security, Operating Systems Security, Networking, Programming languages.
Technical experience and comprehensive knowledge of threat actor capabilities, intentions, methodologies and motives.
Familiarity with computer network exploitation and network attack methodologies.
Experience with cloud computing; AWS preferred
Shift work and working in an on-call response capacity is required including availability for 24 x 7 on-call support responsibilities
Strongly prefer at least one of the following certifications: CISSP, GCIA, GCIH, CHFI, GCFA, CASP+
Log analysis and security content development in SIEM solutions, e.g. Google SecOps, Splunk, IBM QRadar, LogRhythm, etc.
Endpoint detection and response tools, e.g. CrowdStrike, SentinelOne, CyberArk EPM, Microsoft Defender, etc.
Incident Response playbook development, managing security incident analysis and remediation.
Network-based preventative and detective technologies like Secure Web Gateway, Private Access, IDS/IPS, firewalls, proxy servers, e.g. Netskope, Zscaler, Palo, Versa, etc.
Log analysis and security content development in SIEM solutions, e.g. Google SecOps/Chronicle preferred, Splunk, IBM QRadar, LogRhythm, etc.
Scripting and development activities to appropriately leverage Application Programing Interfaces (APIs) to optimize integrations between disparate security monitoring and analysis devices.
Strong understanding of security as it relates to DevOps (specifically in CI/CD)
Experience in SaaS, multi-tenant customer solutions
Experience with AWS security tools and best practices, including IAM, VPC security, and encryption mechanisms.
Strong understanding of security operations best practices, including email security, data loss prevention, vulnerability management, and the creation and enforcement of policies and rule-based access controls.
Join G-P and be part of building a global security framework that enables opportunities across the world!
We will consider for employment all qualified applicants who meet the inherent requirements for the position. Please note that background checks are required, and this may include criminal record checks.
About the job
Apply for this position
Information Security Analyst - SecOps
About this Position
The Role:
As Information Security Analyst - SecOps, you will be responsible for securing and protecting our infrastructure, including managing and administering various security-related technologies, platforms, and tools. You'll also provide security expertise and guidance to the team on various security-related matters. This will support the implementation of the company security strategy, compliance and risk management plan.
Key Responsibilities:
Investigate alerts, triage, deep dive, and come up with proper action items and remediation plans.
Conduct investigation, containment, and other response activities with business stakeholders and groups.
Compose incident analysis and finding reports for management, including gap identification and recommendations for improvement.
Recommend or develop new detection logic and tune existing sensors/security controls.
Participate in security incident response through in-depth, technical (log, forensic, malware, packet) analysis.
Provide oversight of security alert detection and analysis capabilities across multiple technologies to ensure that security incidents are identified in a timely manner.
Escalate and support potential security incidents in line with appropriate processes.
Support communications of potential security incidents via multiple channels.
Participate in the response of potential security incidents by identifying and communicating relevant supplementary information.
Identify and analyze new and emerging threats to determine impacts to G-P and provide guidelines and recommendations pertaining to opportunities to strengthen G-P security posture.
Assist with information security due diligence requests as needed.
Provide security recommendations to other team members, management, and business stakeholders for solutions, enhancements to existing systems, and new security tools to help mitigate security vulnerabilities and automate repeatable tasks.
Monitor, secure, and optimize AWS environments using tools like GuardDuty, CloudTrail, and Security Hub, ensuring compliance with security standards.
Conduct security reviews, perform vulnerability assessments, recommend remediation actions, and manage security policies and access controls to monitor, protect, and govern data and applications across private and cloud environments.
What We Are Looking For:
Education: Bachelor’s Degree in Information Technology, Computer Science, Business, or Engineering required, or equivalent experience.
Experience: 5+ years of information security experience, preferably in the technology industry.
Hands-on security operations experience including interdisciplinary experience with two or more of the following: Cyber Threat Analysis, Incident Response, Application Security, Operating Systems Security, Networking, Programming languages.
Technical experience and comprehensive knowledge of threat actor capabilities, intentions, methodologies and motives.
Familiarity with computer network exploitation and network attack methodologies.
Experience with cloud computing; AWS preferred
Shift work and working in an on-call response capacity is required including availability for 24 x 7 on-call support responsibilities
Strongly prefer at least one of the following certifications: CISSP, GCIA, GCIH, CHFI, GCFA, CASP+
Log analysis and security content development in SIEM solutions, e.g. Google SecOps, Splunk, IBM QRadar, LogRhythm, etc.
Endpoint detection and response tools, e.g. CrowdStrike, SentinelOne, CyberArk EPM, Microsoft Defender, etc.
Incident Response playbook development, managing security incident analysis and remediation.
Network-based preventative and detective technologies like Secure Web Gateway, Private Access, IDS/IPS, firewalls, proxy servers, e.g. Netskope, Zscaler, Palo, Versa, etc.
Log analysis and security content development in SIEM solutions, e.g. Google SecOps/Chronicle preferred, Splunk, IBM QRadar, LogRhythm, etc.
Scripting and development activities to appropriately leverage Application Programing Interfaces (APIs) to optimize integrations between disparate security monitoring and analysis devices.
Strong understanding of security as it relates to DevOps (specifically in CI/CD)
Experience in SaaS, multi-tenant customer solutions
Experience with AWS security tools and best practices, including IAM, VPC security, and encryption mechanisms.
Strong understanding of security operations best practices, including email security, data loss prevention, vulnerability management, and the creation and enforcement of policies and rule-based access controls.
Join G-P and be part of building a global security framework that enables opportunities across the world!
We will consider for employment all qualified applicants who meet the inherent requirements for the position. Please note that background checks are required, and this may include criminal record checks.