Summary:
The Analyst, Info Security position is a part of the Archwell Essentials Security Operations Center (SOC) which is responsible for safeguarding the confidentiality, integrity, and availability of Archwell’s information systems, identities, and data. As a SOC Level 1 Analyst, you will play a critical part in that mission. In addition to other tasks, you will be primarily responsible for administering, maintaining, and monitoring alerts from the various systems that provide measures to detect, analyze, and respond to cybersecurity threats.
Essential Job Functions:
Support the day-to-day administration and maintenance for Essentials’ security tool suite.
Monitor, investigate and respond to SIEM generated security alerts and security tickets.
Implement and validate scheduled Change Management requests.
Participate in incident response activity as necessary.
Author/maintain various processes, procedures, how-to guides, FAQs, and support documentation.
SIEM: Monitor aggregated security events to detect malicious activity. Perform investigative analysis on events received to determine opportunities for overall system optimization. Monitor Events Per Second (EPS) volume to quickly react to any observed abnormalities in event volume. Create and maintain various reports, dashboards, and saved searches to allow for routine monitoring of key events.
Cisco Security Stack: Monitor all associated infrastructure and ensure health checks are passing. Review and update policies as requested. Review, assess, and determine action for unreviewed apps. Continuously perform routine optimization tasks for included tool suite to ensure peak performance.
Vulnerability Management: Use approved tools to identify, track, and monitor remediation activities surrounding vulnerability findings. Evaluate external threats and zero-day vulnerabilities for applicability to the environment.
Maintain regular and punctual attendance.
Other Related Duties:
Performs other related duties as assigned.
Supervisory Responsibilities:
This position is an individual contributor with no direct reports.
Qualifications:
To perform this job successfully, an individual must be able to perform each essential function satisfactorily. The requirements listed below are representative of the knowledge, skill, and/or ability required.
Strong analytical and organizational skill-set, with focus on being able to decipher key information from various system logs.
Practical knowledge of how DNS works for both legitimate and malicious purposes.
Understanding basic network protocols and traffic flow in an enterprise environment.
Excellent written and verbal communication skills.
Strong collaboration skills and a team player.
Education and/or Experience:
Bachelor's degree (B. A.) from four-year college or university or equivalent combination of education and experience.
Minimum three (3) years experience as a security analyst or similar role.
Experience with SIEM tools.
Experience with Cisco Security Stack.
Experience with Vulnerability Management tools.
Experience managing and administering cloud platforms.
Experience with Windows Server and Linux Operating Systems preferred.
Certificates, Licenses, Registrations:
CompTIA Security+ or equivalent preferred.
Work Complexity:
Problems and issues faced are general, and may require understanding of broader set of issues but typically are not complex. May require familiarity with the financial/mortgage (or job-specific) industry. Problems require understanding of other job areas. Problems are typically solved through drawing from prior experiences, with analysis of the issue.
Physical Demands:
The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions. While performing the duties of this job, the employee is frequently required to sit and talk or hear. The employee is occasionally required to stand; walk; use hands to finger, handle, or feel; and reach with hands and arms. The employee must occasionally lift and/or move up to 25 pounds.
Work Environment:
The work environment characteristics described here are representative of those an employee encounters while performing the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions. Work is normally performed in a typical interior office work environment which does not subject the employee to any hazardous or unpleasant elements. The noise level in the work environment is usually moderate.
Equal Employment Opportunity:
Archwell is committed to providing equal employment opportunities to all employees and applicants without regard to race, ethnicity, color, sex, marital status, sexual orientation, gender identity or expression, pregnancy, religion, national origin, age (40 and over), disability, military status, genetic information or any other basis protected by applicable federal, state, or local laws.
Americans with Disabilities Act:
Applicants as well as employees who are or become disabled must be able to satisfactorily perform the essential job functions of the position either with or without reasonable accommodation. Applicants as well as employees are encouraged to meet with Human Resources as the organization shall review reasonable accommodations on a case-by-case basis in accordance with applicable law.
Job Responsibilities:
The statements reflect the general duties and responsibilities considered necessary to perform the essential functions of the job and should not be considered as an all-inclusive list of all the work requirements of the position. Archwell may change the specific job duties with or without prior notice based on the needs of the organization.