James River Group Holdings - Raleigh, NC

posted 3 months ago

Full-time - Mid Level
Raleigh, NC
Management of Companies and Enterprises

About the position

The Information Security Operations Analyst II plays a crucial role in tactical efforts to ensure the security of company systems and data. This role encompasses a wide range of responsibilities, including threat intelligence, vulnerability management, and incident response, as well as defensive control research and management. The Security Operations Analyst II will often partner with IT and business teams to drive cybersecurity improvements and act as an escalation resource for security analysis and incident handling. Additionally, they will maintain a high level of awareness of evolving technology and cybersecurity concerns in their pursuit to defend the company against emerging cyber threats. In this position, the analyst will continually exhibit and uphold the Core Values of Integrity, Accountability, Communication and Teamwork, Innovation, and Customer Service.

They will continuously monitor security alerts and events from various sources, including network and application services, endpoint and SIEM tools, etc., to identify potential security incidents and anomalies. Investigating and analyzing security incidents to determine their nature, scope, and impact is a key responsibility, along with taking immediate action to contain, mitigate, and remediate security breaches to minimize damage. The analyst will stay informed about emerging cybersecurity threats, vulnerabilities, and attack techniques, using threat intelligence to proactively identify potential threats and vulnerabilities, and take measures to prevent them. They will maintain detailed records of security incidents, their causes, and the actions taken for analysis, reporting, and compliance purposes, generating and submitting reports to management and stakeholders as necessary.

Furthermore, they will manage and maintain security technologies, including SIEM systems, vulnerability management systems, and endpoint and network security systems, while also maintaining awareness of information security best practices and communicating their applicability within the Information Security Office and IT organization. The role also involves partnering with the Security Operations team and management to conduct security assessments to ensure that management, operational, and technical security controls are properly implemented and maintained. The analyst will lead the refinement of security processes, procedures, and policies, support business units and staff by communicating applicable policies and standards, and escalate to Information Security management when appropriate. They will consult with various areas of the business as an information risk subject matter expert, serve as a mentor and trainer for Information Security Operations Analyst I under the direction of management, and serve as an escalation point by guiding and helping team members with project issues.

Responsibilities

  • Exhibit and uphold Core Values of Integrity, Accountability, Communication and Teamwork, Innovation and Customer Service.
  • Continuously monitor security alerts and events from various sources to identify potential security incidents and anomalies.
  • Investigate and analyze security incidents to determine their nature, scope, and impact, taking immediate action to contain, mitigate, and remediate security breaches.
  • Stay informed about emerging cybersecurity threats, vulnerabilities, and attack techniques, using threat intelligence to proactively identify potential threats and vulnerabilities.
  • Maintain detailed records of security incidents, their causes, and the actions taken for analysis, reporting, and compliance purposes.
  • Manage and maintain security technologies, including SIEM systems, vulnerability management systems, and endpoint and network security systems.
  • Maintain awareness of information security best practices and communicate their applicability within the Information Security Office and IT organization.
  • Partner with the Security Operations team and management to conduct security assessments to ensure that management, operational, and technical security controls are properly implemented and maintained.
  • Lead the refinement of security processes, procedures, and policies.
  • Support business units and staff, communicating applicable policies and standards, and escalating to Information Security management when appropriate.
  • Consult with various areas of the business as an information risk subject matter expert.
  • Serve as a mentor and trainer for Information Security Operations Analyst I under the direction of management.
  • Serve as an escalation point by guiding and helping team members with project issues.

Requirements

  • Bachelor's Degree in a related field (IT, IS, Computer Science or Engineering) or equivalent combination of education, training and relevant experience required.
  • Minimum of four years of related experience (security operations, vulnerability management, incident response, etc.) required.
  • Intermediate to advanced knowledge of foundational cybersecurity policy, compliance, and risk management principles, IT service management, the systems development lifecycle, and Agile methodologies.
  • Ability to think laterally and innovatively while implementing security improvements that suit business risk tolerance.
  • Methodical, data-driven approach to security and risk analysis.
  • Ability to convey technical process information in a clear and concise manner.
  • Strong desire for continuous improvement.
  • Ability to identify, recommend and implement innovative solutions.
  • Ability to partner with senior team members to write policies, procedures, and assessments.
  • Proactive and results-driven work ethic.
  • Excellent organizational skills.
  • Solid written, verbal, and presentation skills.
  • Ability to successfully prioritize and manage deadlines.
  • Ability to effectively communicate with peers and senior staff.
  • Ability to organize complex information, pay close attention to detail and handle multiple tasks.
  • Ability to work successfully as an individual contributor and in a team environment.
  • Ability to mentor others and lead project teams.

Nice-to-haves

  • Advanced certifications (CISSP, GSEC, CCSP, etc.) strongly preferred.