The Security Analyst role provides candidates with hands-on experience performing analysis & remediation of information security events. In addition to investigating events, candidates will be responsible for making improvements to existing detection & prevention controls through process & technology improvements, including the use of automation platforms. Candidates are expected to question the status quo to identify opportunities for continuous improvement & are enabled to take action to ensure the effectiveness of a distributed security program operating within DevOps-centric workflows.
What you'll do:
- Drive continuous improvement across all aspects of Security Operations
- Perform daily event & incident triage (e.g., malware triage, network analysis, live response, etc.)
- Develop & maintain security operations processes & documentation (e.g., runbooks, operating procedures, etc.)
- Assist with the analysis & remediation of security incidents
- Enhance detection & prevention controls (e.g., logic updates, exclusions, etc.)
- Collaborate on design, architecture, & threat models to incorporate detection & monitoring requirements
- Collaborate on response, containment, & remediation for confirmed security incidents
- Work with different operating systems & cloud hosting providers (e.g., AWS, GCP, Azure, OCI)
- Develop automation playbooks to improve the efficiency of operation processes
- Seek opportunities for continuous improvement & drive efficiency
- Maintain working knowledge of attacker tactics, techniques, & procedures (TTPs)
- Maintain event collection environment through health monitoring
We're looking for someone with:
- Bachelor's Degree in Computer Science, IT or other relevant degree or equivalent work experience
- 2+ years working in a Security Operations or equivalent role
- Firm understanding of attacker tactics, techniques, & procedures & means of detection
- Strong technical understanding of networking basics, including TCP/IP & layer 7 protocols
- Proficiency with security tools & platforms (e.g., SIEMs, vulnerability scanners, & malware analyzers)
- Familiarity with IDS/IPS systems & endpoint Antivirus & EDR products
- Working knowledge of at least one scripting language (Python or PowerShell preferred)
- Working knowledge of DevOps concepts (e.g., Infrastructure as Code, Deployment Pipelines, etc.)
- Excellent communication (verbal & written), critical thinking, & analytical skills
- Ability to work both independently & as part of a team
- Ability to synthesize risks & derive detection countermeasures
- This position is available for remote workers with flexible working hours but may require occasional work outside of normal business hours.
At Tanium, we offer a proven platform for endpoint visibility & control that transforms how the world's largest & most sophisticated organizations manage & secure their computing devices with unparalleled speed & agility. There's a reason why more than half of the Fortune 100, top retailers & financial institutions, & four branches of the US Armed Forces rely on Tanium.
Our unstoppable spirit, drive to do the right thing & win-as-a-team attitude have earned us the rank of 7th on the Forbes list of Top 100 Private Companies in Cloud Computing for 2019 & 10th on FORTUNE's list of the 100 Best Medium Workplaces.
On a mission. Together.
At Tanium, we are stewards of a culture that emphasizes the importance of collaboration, respect, & diversity. In our pursuit of revolutionizing the way some of the largest enterprises & governments in the world solve their most difficult IT challenges, we are strengthened by our unique perspectives & by our collective actions.
We are an organization with stakeholders around the world & it's imperative that the diversity of our customers & communities is reflected internally in our team members. We strive to create a diverse & inclusive environment where everyone feels they have opportunities to succeed & grow because we know that only together can we do great things.
At Tanium, we take care of our employees & their communities with things like 5 days of Volunteer Time Off.