KLA - Ann Arbor, MI

posted 27 days ago

Full-time - Mid Level
Ann Arbor, MI
Computer and Electronic Product Manufacturing

About the position

The Cybersecurity Analyst-SOC at KLA plays a crucial role in defending against cyber threats and ensuring the security of the company's operations. This position involves advanced incident response, threat hunting, and maintaining security tools to protect KLA's intellectual property. The analyst will work in a 24/7 environment, responding to security events, analyzing network traffic, and collaborating with IT and Cybersecurity teams to enhance the overall security posture of the organization.

Responsibilities

  • Monitor and process responses for security events on a 24x7 basis, including serving in a rotational on-call capacity.
  • Analyze network traffic and logs to differentiate between potential intrusion attempts and false alarms.
  • Proactively monitor SIEM, EDR, and network-based alerts, responding to active threats to internal networks.
  • Advise incident responders on investigation and resolution steps for computer security incidents.
  • Perform detection, monitoring, analysis, and resolution of security incidents.
  • Plan and implement regular incident response and postmortem exercises, crafting measurable benchmarks for progress.
  • Review and analyze cyber threats, providing SME support and training to junior security analysts.
  • Transform threat intelligence into effective detection logic and new signatures for SIEM and EDR platforms.
  • Evaluate existing detection rules and facilitate the development and tuning of AV, EDR, and SIEM rules for high fidelity alerting.
  • Communicate with management to keep leaders informed of incident progress and notify of changes or outages.
  • Prioritize work to provide a positive customer experience during security incident handling efforts.
  • Maintain awareness of trends in security regulatory, technology, and operational requirements.

Requirements

  • Minimum of five (5) years of related experience in cybersecurity or related technologies such as firewalls, AV, EDR, IPS, IDS, and SIEM systems.
  • Minimum of three (3) years of experience working in or with a Security Operations Center (SOC) in an Incident Responder role.
  • Strong working knowledge of common security appliances including EDR, SIEM, AV, scanners, proxies, WAF, Netflow, IDS, and forensics tools.
  • Proficiency in Operating Systems (Windows and Linux).
  • Ability to multi-task, adapt to changes quickly, and handle heavy ticket volumes.
  • Technical awareness to match resources to technical issues appropriately.

Nice-to-haves

  • Bachelor's Degree or equivalent experience in an Information Security or related IT field.
  • Relevant security-related certifications such as CISSP, GCIA, GSEC, GCIH, GCED, GCFA, GREM.

Benefits

  • Medical, dental, and vision insurance.
  • Life and other voluntary benefits.
  • 401(K) with company matching.
  • Employee stock purchase program (ESPP).
  • Student debt assistance.
  • Tuition reimbursement program.
  • Development and career growth opportunities.
  • Financial planning benefits.
  • Wellness benefits including an employee assistance program (EAP).
  • Paid time off and paid company holidays.
  • Family care and bonding leave.
© 2024 Teal Labs, Inc