James River Group - Richmond, VA
posted 3 months ago
The Information Security Operations Analyst II plays a crucial role in tactical efforts to ensure the security of company systems and data. This role covers a wide range of responsibilities, including threat intelligence, vulnerability management, incident response, and defensive control research and management. The Security Operations Analyst II will often partner with IT and business teams to drive cybersecurity improvements and act as an escalation resource for security analysis and incident handling. Additionally, they will maintain a high level of awareness of evolving technology and cybersecurity concerns in order to defend the company against emerging cyber threats. In this position, the analyst will continually exhibit and uphold the Core Values of Integrity, Accountability, Communication and Teamwork, Innovation, and Customer Service.

They will continuously monitor security alerts and events from various sources, including network and application services and endpoint and SIEM tools, to identify potential security incidents and anomalies. The analyst will investigate and analyze security incidents to determine their nature, scope, and impact, taking immediate action to contain, mitigate, and remediate security breaches to minimize damage. Staying informed about emerging cybersecurity threats, vulnerabilities, and attack techniques is essential; the analyst will use threat intelligence to proactively identify potential threats and vulnerabilities and take measures to prevent them. The role also involves maintaining detailed records of security incidents, their causes, and the actions taken for analysis, reporting, and compliance purposes, and generating and submitting reports to management and stakeholders as necessary.
The analyst will manage and maintain security technologies, including SIEM systems, vulnerability management systems, endpoint and network security systems, and maintain awareness of information security best practices, communicating their applicability within the Information Security Office and IT organization. They will partner with the Security Operations team and management to conduct security assessments to ensure that management, operational, and technical security controls are properly implemented and maintained. Furthermore, the analyst will lead the refinement of security processes, procedures, and policies, support business units and staff by communicating applicable policies and standards, and consult with various areas of the business as an information risk subject matter expert. They will also serve as a mentor and trainer for Information Security Operations Analyst I under the direction of management and act as an escalation point by guiding and helping team members with project issues.