Job Description
This position currently works remote due to COVID-19 precautions. The expectation is to be an on-site position in the future.
Performs advanced monitoring and reporting of security events. Administers security tools and devices, ensuring proper functionality. Conducts investigations and provides all data required for incident response.
ESSENTIAL DUTIES AND RESPONSIBILITIES
- Supports 24/7 global operations responding to security events in the environment; on-call as required.
- Performs advanced monitoring of security events; studies and reviews device security logs.
- Investigates a variety of events by correlating data from various sources to determine the risk to Jabil.
- Performs advanced incident analysis from logs and monitoring activities.
- Assists in large-scale security incidents, investigation, and response activities; advises on remediation.
- Creates/refines log monitoring reports, searches, or basic investigative tools to enhance monitoring.
- Handles escalations from SOC Security Analysts I.
- Performs analysis of the environment (e.g. port scans, activity monitoring, intrusion detection).
- Performs intermediate-level Health Checks and routine administration for security tools.
- Differentiates between security events and incidents to initiate incident response actions appropriately.
- Participates in IT security or customer audit activities.
- Performs mentoring and education for security staff members.
- Drives continuous improvement through trend reporting analysis and metrics management.
- Assures procedures and work instructions are efficient and not redundant.
- Identifies and implements new analytic methods for detecting threats.
- Anticipates and meets customer expectations by solving problems quickly and effectively.
- Maintains confidentiality in all security activities whether internal to Jabil or customer specific.
- Interprets a variety of instructions furnished in written, oral, diagram or schedule form.
- Leads small projects/initiatives as assigned.
- May perform other duties and responsibilities as assigned.
JOB QUALIFICATIONS / KNOWLEDGE REQUIREMENTS
- Ability to define problems, collect data, establish facts, and draw valid conclusions.
- Ability to effectively communicate analytical data to varied audiences, including executives.
- Ability to influence and build credibility as a peer through strong interpersonal and leadership skills.
- Ability to perform well under significant enterprise-wide pressure with a sense of urgency.
- Bachelor's degree in Computer Science, Information Systems, or related field, or 3-5 years of Security Operations, Network Administration, or equivalent experience.
- Security-related certifications: Security+ or GSEC, and GCIH.
- Strong working knowledge of perimeter technologies (e.g. firewalls, proxies).
- Strong working knowledge of security tools (e.g. SIEM, NetFlow, IDS/IPS, endpoint solutions, DLP).
- Strong working knowledge of networking (TCP/IP, network architecture) and packet capture and analysis.
- Advanced technical knowledge of operating systems, network services, applications, and security logging.
- An equivalent combination of education, training, or experience is also accepted.
- Master's degree in Information Security, Cybersecurity, or Computer Network Defense.
- Relevant security-related certifications a plus: GCIA, GCED, GMON, CEH, CCNA, CySA+.
- Previous experience in scripting or programming (e.g. Python, PowerShell, Perl, Splunk SPL).
- Direct experience in an enterprise-level Cyber Incident Response Team or Security Operations Center.