Who we are
We're a leading, global security authority that's disrupting our own category. Our encryption is trusted by the major ecommerce brands, the world's largest companies, the major cloud providers, entire country financial systems, entire internets of things and even down to the little things like surgically embedded pacemakers. We help companies put trust - an abstract idea - to work. That's digital trust for the real world.
Job summary
The Security Operations Analyst will help advance the security operations of DigiCert by identifying potential risks, and threats by performing real-time log analysis. The Security Operations Analyst will make use of analyses and understanding of exploits and vulnerabilities to maintain and improve DigiCert’s security posture and hygiene.
This role will also help support the Service Desk and will require shift coverage and participation in off hours on-call rotation.
This person is expected to work in office a minimum of 3x per week in Herndon, VA.
What you will do
Provide analysis of security threats, and problems Management and evaluation of security alerts and detections Work through tickets and resolve tickets per defined SLAs Participate in Security Incident Response and analysis of incidents Assist in the configuration, management, and maintenance of various security related software and systems Be able to effectively work within a team, and self-sufficient/self-motivated when assigned solo work Willingness to stay current on emerging threats, vulnerabilities, audit framework updates, etc to help protect DigiCert’s systems Willingness to evaluate new tools to improve efficiencies in operational processes Actively participate in ongoing training and knowledge transfer with team members Provide metrics and statistics to management Critically assess current practices and provide feedback to management on improvement opportunities Understand policies and standards and be capable of conveying those requirements to end users Set clear expectations and provide timely follow-up as appropriate administration, monitoring and issue resolution for all IT users, devices and services Provide audit support for compliance
What you will have
1+ years of experience in Information Security or related technical discipline Must have strong written and verbal communication skills Customer Service background and good interpersonal and organizational skills Proficiency with Windows, Mac and Linux, to include administrative activities and threat analysis Understanding of IP network and network scanning fundamentals with ability to interpret scanning reports and identify risks Experience installing and maintaining a security agent on same operating systems, preferably CrowdStrike Falcon Sensor Experience performing analysis with SIEM tool, preferably Azure Sentinel Proficiency with a structured query language, preferably Kusto Query Language (KQL) Experience using standard operating procedures (SOP), following directions given and escalating when required Experience triaging and remediating security incidents related to identity, devices, and data Experience using MITRE ATT&CK Framework to pursue attack path scenarios Willing and able to rotate an on-call schedule
Nice to Have
Experience with Incident Triage through Event Correlation and Analysis (Some people are triage only)General level of knowledge of Information Security design concepts and principles Ability to perform in depth log analysis Knowledge of penetration testing practices and principles Experience securing and monitoring cloud infrastructure services, preferably AWS and Azure. Security+ Certification Network+ Certification
Benefits
Generous time off policies Top shelf benefits Education, wellness and lifestyle support
DigiCert is an Equal Opportunity employer and is committed to diversity in its workforce. In compliance with applicable federal and state laws, DigiCert prohibits discrimination on the basis of race or ethnicity, religion, color, national origin, sex, age, sexual orientation, gender identity/expression, veteran’s status, status as a qualified person with a disability, or genetic information. Individuals from historically underrepresented groups, such as minorities, women, qualified person with disabilities, and protected veterans are strongly encouraged to apply.
#LI-KK1