Security Operations Analyst at KUBRA ensuring data protection and responding to security incidents. Join a dynamic team focused on continuous improvement in cybersecurity.
Responsibilities
Security Infrastructure Management: Maintain and optimize the security infrastructure (Firewalls, IDS/IPS, AV, SIEM, FIM, servers, etc.) with a specific focus on maintaining Exabeam SIEM and CrowdStrike (managing EDR, FIM, and DLP modules).
Cloud Security Operations: Execute AWS cloud security operations, monitoring specific services (e.g., GuardDuty, Security Hub, CloudTrail) to secure cloud workloads and respond to cloud-native threats.
Incident Response: Monitor systems, software, and skills to stay ahead of emerging threats: Lead or participate in security investigations and Assist during Incident Response and Recovery activities.
Data Pipeline Management: Manage and optimize security data pipelines using Cribl to ensure efficient log routing, parsing, and data reduction before ingestion.
Infrastructure as Code (IaC): Utilize IaC principles (specifically Terraform) to deploy, maintain, and audit security configurations and infrastructure.
Network Security: Perform firewall operational tasks as approved.
Governance & Risk: Maintain and enforce KUBRA’s IT management control framework that defines the institution’s overall approach to IT risk and control.
Incident Management: Participate in on-call rotation to respond, investigate and resolve Security Incidents.
Alert Coordination: Track and action alerts to ensure proper response is taken by coordinating the work efforts of internal teams and actions required of external service providers.
SIEM Optimization: Apply understanding of environment and operational issues to work with external or internal parties for implementation or optimization of specific Exabeam SIEM use cases to help improve detection and response.
Threat Intelligence: Maintain the vulnerability security digest, monitor threat feeds, and provide regular threat intelligence updates.
Access Reviews: Conduct access control reviews on a case-by-case basis to systems and work with internal and external resources to update user control lists and provide reports.
Audit & Compliance: Assist in remediation tasks related to audits/penetration tests.
Training & Testing: Participate in internal and external table-top exercises related to cybersecurity.
Documentation: Assist in development of process and procedure documents for Security Operations.
Policy Guidance: Evaluate and provide guidance to exemption requests as per corporate policy and standards, to advise of risk involved.
Requirements
A minimum of 2 years of experience operating and working in a functional SOC environment.
A minimum of 2 years of experience in a Security Operations role.
2+ years of experience in Incident Management and related processes.
Exabeam: Proven experience operating Exabeam SIEM is required.
CrowdStrike: Hands-on experience with CrowdStrike EDR, FIM (File Integrity Monitoring), and DLP (Data Loss Prevention) is required.
AWS Security: Strong operational knowledge of AWS Cloud Security operations is required.
Cribl: Experience with Cribl for log shaping and routing is highly desirable.
Terraform: Knowledge of Terraform or other Infrastructure as Code (IaC) tools is considered a strong asset.
IAM Operations Lead responsible for daily administration, governance, and security of identity infrastructure, ensuring correct access and minimizing risks.
CSOC Analyst responsible for managing security incidents and threat investigation at Just Eat Takeaway. Working with an internal team to detect, investigate, and respond to significant threats.
Security Operations Engineer at Supabase providing front - line coverage for security alerts and customer security tickets. Supporting internal IT operations and improving security processes in a remote setup.
SecOps Engineer integrating security into development processes for Lido Protocol. Collaborating on security practices, incident management, and developer training.
SOC Operator managing 24/7 command centre operations for the Toronto Jewish community. Support during emergencies, manage incidents, and conduct thorough record - keeping.
Security Operations Analyst monitoring and investigating security threats across enterprise systems. Collaborating with teams on incident response and threat intelligence activities.
Manager of Security Operations at Match Group overseeing detection engineering, security operations, and incident response. Leading a high - performing team to maximize threat response capabilities.
Senior SecOps Analyst overseeing end - to - end vulnerability management processes. Collaborating with teams to enhance security measures in a hybrid workplace.
SOC Analyst supporting 24/7 operational capabilities in cybersecurity at Starling. Collaborating with global teams to protect customers and assets through incident response and investigations.