Sr. Security Analyst: Incident Analyst (Full Weekend with some Weekdays)
Extreme Networks provides networking solutions to power your business. Our flexible and scalable cloud networking services help optimize your network infrastructure.
There has never been a better time to join Extreme: after three acquisitions extending our portfolio and go-to-market strategy, we have seen enormous opportunity and growth within the region. Aside from being a Technology Leader in the Gartner Magic Quadrant, we also promote an internal culture that embraces diversity, inclusion, and equality in the workplace.
Job Summary: As a key member of the Information Security Operations team, you will be primarily responsible for monitoring and responding to security events and tickets; investigating root cause analysis of issues; updating and investigating threat feeds and alerts; and management and operation of the SIEM (Security Information and Event Management) solution. This role will include on-call shift work over a weekend.
Job Requirements:
* Continuously monitor SIEM Console, ServiceNow incident queues, and SecOps dashboards for alerts, tickets, and issues.
* Notify system owners and escalate security incidents per the incident response escalation procedures.
* SIEM Alert tuning and configuration.
* Monitor devices' system performance, system resource utilization (disk space, indexed data), and health.
* Tuning and policy enhancement for SIEM and other SecOps tools.
* Responsible for troubleshooting SIEM and SOC (Security Operations Center) operational issues.
* Assist in case of major outbreak or any critical incident related issue.
* Perform deep dive incident analysis by correlating data from various sources.
* Respond to all reported security incidents.
* Follow up with teams for incident closure.
* Maintain incident records as per the guidelines.
* Capture and protect evidence related to an incident.
* Develop IoC (Indicators of Compromise) related to new threats.
* Perform incident damage assessment.
* Update stakeholders on the progress of security incidents.
* Strong interpersonal communication skills.
* Good verbal and written communication skills.
* Ability to analyze problems and create solutions while maintaining confidentiality of information.
* Must be able to prioritize projects, maintaining a sense of urgency to meet deadlines.
* Must possess the ability to follow verbal and written directions.
* Must be a self-starter and able to work well independently and in a team.
* Must be able to use critical thinking skills and judgment.
* Must be able to work positively and professionally with a wide range of personalities.
* Must be able to accept constructive criticism.
Working Schedule
* The role will involve providing the primary on-call cover for the weekend during daytime shifts. The remainder of the 40-hour week will be spread out during the Monday to Friday on an agreed schedule, aligning with the rest of the team.
Experience
* Ideal candidates will have background/experience in security operations. To perform this job successfully, an individual must be able to perform each essential duty satisfactorily.
* Experience using and performing searches and tuning a SIEM product.
* Experience with the Microsoft suite of security tools.
* Experience using security incident response frameworks and the MITRE framework.
* Reasonable accommodation may be made to enable individuals with disabilities to perform the essential functions.
Extreme Networks, Inc. (EXTR) creates effortless networking experiences that enable all of us to advance. For more information, visit Extreme's website or follow us on Twitter, LinkedIn, and Facebook.
We encourage people from underrepresented groups to apply. Come Advance with us!