Cyber Security Analyst III

$87,500 - $140,000/Yr

Karl Storz - El Segundo, CA

posted 3 months ago

Full-time - Mid Level
El Segundo, CA
Miscellaneous Manufacturing

About the position

KARL STORZ is currently seeking a Cyber Security Analyst III to join our team in El Segundo, CA. This role is critical in safeguarding our organization against cyber threats by detecting, responding to, and mitigating risks associated with our infrastructure, which includes software, hardware, and networks. The successful candidate will take a lead role in investigating advanced and targeted attacks, coordinating efforts with incident response teams and senior management to ensure a robust security posture.

In this position, you will proactively monitor and analyze events and alerts from our Security Information and Event Management (SIEM), Network Detection and Response (NDR), Endpoint Detection and Response (EDR), and Identity Threat Detection and Response (ITDR) systems. Your focus will be on identifying complex and sophisticated threats, as well as new attack vectors that could compromise our systems. You will conduct advanced monitoring and analysis of computer networks, utilizing cutting-edge tools and techniques to detect and respond to security issues effectively.

As a leader in the cybersecurity team, you will analyze malware, phishing, application, and network-based attacks, identifying new patterns and trends while developing proactive mitigation strategies. You will also be responsible for documenting all actions, decisions, and outcomes throughout cybersecurity incidents, ensuring comprehensive reporting and knowledge sharing across the organization. Additionally, you will drive the development and improvement of cybersecurity incident playbooks, incorporating best practices and lessons learned from previous incidents and industry standards. Your role will also involve leading Blue/Red Team exercises, designing and executing advanced attack simulations to identify and address critical vulnerabilities in our IT infrastructure.
You will develop and maintain robust incident response management plans and processes, regularly reviewing and updating them to align with industry standards and evolving threats. Staying informed about relevant security bulletins and forums will be essential, as you will provide timely updates and recommendations to the team and stakeholders. Furthermore, you will conduct in-depth analyses of emerging threats and their potential impacts on our environment and systems, collaborating closely with other teams to implement proactive security measures. Other duties may be assigned as needed, demonstrating your leadership skills and contributing to the strategic direction of the cybersecurity function.

Responsibilities

  • Proactively monitor and analyze events and alerts from our SIEM, NDR, EDR, and ITDR to detect and respond to complex and sophisticated threats, with a focus on identifying new attack vectors.
  • Conduct advanced monitoring and analysis of computer networks, utilizing advanced tools and techniques to detect and respond to security issues.
  • Lead the analysis of malware, phishing, application, and network-based attacks, identifying new patterns and trends, and developing proactive mitigation strategies.
  • Lead the documentation of all actions, decisions, and outcomes throughout the duration of a cybersecurity incident, ensuring comprehensive reporting and knowledge sharing.
  • Drive the development and improvement of cyber security incident playbooks, incorporating best practices and lessons learned from previous incidents and industry standards.
  • Lead Blue/Red Team exercises, designing and executing advanced attack simulations to identify and address critical vulnerabilities and weaknesses in IT infrastructure.
  • Develop and maintain robust incident response management plans and processes, regularly reviewing and updating them to align with industry standards and evolving threats.
  • Take ownership of monitoring relevant security bulletins and security forums, providing timely updates and recommendations to the team and stakeholders.
  • Conduct in-depth analysis of emerging threats and their potential impacts to the environment and systems, working closely with other teams to implement proactive security measures.
  • Perform other duties as assigned, demonstrating leadership skills and contributing to the strategic direction of the cybersecurity function.

Requirements

  • 4+ years of experience in a technical role in the areas of Security Operations, Threat Intelligence, Cyber Incident Response, or Penetration Testing/Red Team.
  • Bachelor's degree in Cybersecurity, Computer Science, or equivalent technical discipline.
  • A SANS SEC4xx-level certification (e.g. GIAC Security Essentials, GSEC) or an equivalent cyber security certification is desirable.
  • Intermediate knowledge of malware families and network attack vectors.
  • Intermediate knowledge of operating system internals and security mechanisms.
  • Intermediate knowledge of web applications and APIs.
  • Intermediate knowledge in system security architecture and security solutions.
  • Intermediate understanding of attack activities such as network scanning, DDoS, malicious code activity, etc.
  • Intermediate understanding of network infrastructure devices such as routers and switches.
  • Intermediate understanding of networking protocols such as TCP/IP, DNS, and HTTP/HTTPS.

Nice-to-haves

  • 5 - 6 years of experience in a technical role in the areas of Security Operations, Threat Intelligence, Cyber Incident Response, or Penetration Testing/Red Team.
  • Master's degree in cybersecurity, computer science, or equivalent technical discipline.
  • CISSP or an equivalent cyber security certification is desirable.
  • Intermediate scripting knowledge, including Python, YARA, and regular expression (RegEx) experience.
  • Intermediate knowledge in working with large data sets, using tools such as Excel, SQL, Splunk, and Power BI.
  • Intermediate knowledge with forensics tools and malware analysis.
  • Intermediate knowledge in security technologies such as: SIEM, IDS/IPS, DLP, WAF, NDR, EDR, ITDR, SOAR.
  • Familiar with ITIL processes and framework.
© 2024 Teal Labs, Inc