Analyst (Tier 2) - Cybersecurity Operations

Wymagania: - Technical writing experience - • Standard Operating Procedures - • Runbooks/Playbooks - • Incident Response Plans - • Support training develop with both analysts and tabletop exercises - • Assist or lead the effort in Tool configuration and content creation - Qualifications: - • 2-4 years of experience on one of the following team(s): Computer Incident Response Team (CIRT), Computer Emergency Response Team (CERT), Computer Security Incident Response Center (CSIRC) or a Security Operations Center (SOC) - • Degree in Computer Science, Information Technology, or equivalent work experience - • Experience supporting Cyber Security Operations in a large enterprise environment - • Experience with Incident Response, analysis of network traffic, log analysis, ability to prioritize and differentiate between potential intrusion attempts and false alarms, managing and tracking investigations to resolution - • Experience with SIEM & Log Management solution - • Familiarity with one of the following; NIST Incident Response Lifecycle, Cyber Kill Chain, Adversarial Tactics, Techniques & Common Knowledge (ATT&CK) Metrics - • CCNA Security, GCIA, GCIH, CYSA+, Security+ or other related security certifications - • At minimum there must be one active security certification - Experience with one or more of the following tools: - • Qradar SIEM/Cortex XSOAR - • SentinelOne - • Proofpoint Email - • Azure Suite - • Zscaler O firmie: - Sysco is the global leader in selling, marketing and distributing food products to restaurants, healthcare and educational facilities, lodging establishments and other customers who prepare meals away from home. Its family of products also includes equipment and supplies for the foodservice and hospitality industries. With more than 71,000 colleagues, the company operates 333 distribution facilities worldwide and serves approximately 700,000 customer locations. For fiscal year 2022 that ended July 2, 2022, the company generated sales of more than $68 billion. Information about our Sustainability program, including Sysco’s 2022 Sustainability Report and 2022 Diversity, Equity & Inclusion Report, can be found at www.sysco.com. Zakres obowiązków: - Cybersecurity SOC Tier 2 analyst must be able to do the following: - Correlate threat data from various sources to establish the threat/impact against the network - After assessment of the data, recommend appropriate countermeasures, facilitating tracking, preliminary handling of investigations, and reporting of all security events and computer incidents - Remediation actions and apply lessons learned to security incident investigation and resolution - Perform monitoring, identification and resolution of security events to detect threats through analysis, investigations and prioritization of events based on risk/exposure - Develop processes which analyzes data, producing accurate, meaningful, easily interpreted results based on user requirements and use cases - Develop processes which align with enterprise incident response activities and coordinate closely with other teams within the Security Operations Center - Create custom tool content to enhance capabilities of security operations teams - Manage the collection, documentation and research of security events generated by the SOC monitoring platform and infrastructure - Provide support to Security Incident Management aligned with NIST standards