Sr. Security Threat Analyst - Cloud
The IT Security Threat Analyst will be part of the threat operations and security monitoring team. They will have primary responsibility for working with cloud support teams, cybersecurity incident responders, threat hunters and security architects to design, implement, and support logging, monitoring, and alerting across multiple cloud platforms in the SIEM. The analyst will work with administrators of the SIEM to produce data sets and alerts for each cloud tenant they support. These alerts will be actioned by the SOC and CSIRT teams. They will independently develop, maintain, and implement comprehensive information security monitoring programs, including defining security policies, processes and standards for large and complex environments. They will provide consultative guidance on the development of information security strategies and programs through demonstrated expertise and knowledge of industry trends and changes with respect to advanced and sophisticated cyberattacks and threats. They will lead efforts, oversee work results, provide formal training and serve as a technical resource for Information Security team members.
Essential functions:
- Participates in the design and implementation of logging and monitoring processes across various cloud environments
- Tracks and documents security issues and requests, actively monitors work queue.
- Accountable for follow-up of all security work requests including collaborating with other IT areas to ensure timely completion/resolution and obtainment of appropriate approval levels
- Works closely with business areas and IT partners on troubleshooting, pre-implementation activities and to assess application security
- Maintains and creates operational procedures
- Acts as lead liaison for internal and external audit requests and activities. Leads remedial activities as the result of audit findings
- Defines scope of operational initiatives and adjusts priorities to support workload
- Provides subject matter expertise, leadership, and guidance to work teams and end users on security policies, standards, procedures, and processes
- Investigates business processes to understand and implement security requirements weighing business needs and security risks and resolving issues
- Researches solutions and works with vendors to enhance the Security Monitoring Program
- Develops training content as needed
- Design, monitor, and build alerting capabilities for our systems and tools
- Correlates and analyzes threat data from various sources
- Independently conducts industry research and technical evaluation of all-source and vendor-supplied intelligence, with specific emphasis on network operations and advanced and sophisticated cyber tactics, techniques, and procedures
- Subject matter expert in the detection and identification of cyberattack signatures, tactics, techniques, and procedures associated with advanced threats
- Leading assessments and development of cyber threat profiles of current events based on collection, research, and analysis of open-source information
Required Experience:
- 3+ years of related work experience working with Cloud technologies (Oracle, AWS, Azure, Google), preferably within Cloud security, logging, monitoring, and alerting
- 6+ years' experience in IT Security or combination of IT related fields
- CISSP (or attainable within 6 months of employment) or CEH, CISM, etc.
- Hands-on experience with security architecture and security infrastructure (firewalls, data loss prevention, encryption, and endpoint protection appliances, tools, and controls), with specific demonstrated experience in proactive detection of advanced cyberattacks and/or threats
- Proven success in information threat analysis and in applying detection concepts, principles, and impact assessment
- Experience working with vendors and managing vendor performance and service level agreements
- Demonstrated success in regularly communicating highly complex technical information clearly and articulately for all levels and audiences.
- Strong customer focus with ability to manage customer expectations and experience and build long-term relationships.
- Ability to adapt to a rapidly changing IT Security landscape and quickly identify new trends and industry changes
- High critical thinking skills required to evaluate complex, multi-sourced security intelligence information, analyze and confirm root cause, and independently identify mitigation alternatives and solutions that safeguard our technical environment.
- Ability to communicate technical information clearly and articulately, to all levels and audiences within the company
- Understanding of the systems development life cycle
- Advanced analytical thinking, problem solving, quantitative analysis ability
- Must have an advanced understanding of Information Security concepts, protocols, industry best practices, and regulatory requirements
- Must have advanced proficiency with Active Directory groups and user accounts, Windows folder structures and folder security
- Proficiency with Windows tools is required, e.g., Windows Explorer, Word, Excel, PowerPoint, Outlook, etc.
- Proficiency with database security and tools used to administer security within the various databases, e.g., UDB, DB2, SQL, Oracle, etc. is a plus
- Bachelor's degree or equivalent experience
Preferred Experience/Qualifications:
- Experience with Cloud logging, monitoring, and multi-provider security monitoring, including CASB
- Experience performing SIEM rule development
- Strong math and/or statistical analysis experience
- Strong knowledge of network communications
- Demonstrated success in detailed documentation
General Physical Demands
Exerting up to 10 pounds of force occasionally to move objects
Jobs are sedentary if traversing activities are required only occasionally.
We are an Equal Opportunity/Protected Veteran/Disabled Employer committed to creating a diverse, inclusive, and equitable culture for our employees and communities
What We Do
GuideWell Mutual Holding Corporation is a not-for-profit mutual holding company that is the parent to a family of forward-thinking companies focused on transforming health care.
We’re at the forefront, forging ahead by innovating, collaborating and advocating for better health. We help people make sense of this new world, forming an integrated ecosystem of products and services and ensuring they get the best experience. We’re relentlessly building and refining to drive higher efficiency and exceptional care.
GuideWell – Built for the future of health.