Senior Information Security Operations Center Analyst

Security OperationsSecurity OperationsFull TimeRemoteSeniorTeam 10,001+Since 1933H1B No SponsorCompany SiteLinkedIn

Location

Florida

Posted

2 days ago

Salary

$85K - $95K / year

Seniority

Senior

Job Description

Senior Information Security Operations Center Analyst

Ryder System, Inc.

• Responsible for planning and implementing security measures to protect computer systems, networks, and data. • Handle higher level security investigations and incidents. • Monitor network traffic for security events and perform triage analysis to identify security incidents. • Receive incidents and perform deep analysis; correlate with threat intelligence to identify the threat actor, nature of the attack and systems or data affected. • Define and execute on strategy for containment, remediation, and recovery. • Deliver cyber intelligence services and material to information technology and business leaders. • Identify new threat tactics, techniques and procedures used by cyber threat actors. • Publish actionable threat intelligence for business and technology management. • Participate in threat hunting activities to proactively search for threats in the enterprise environment. • Create and maintain use cases for recurring investigation/incident triggers in support of the 24/7 Cyber Threat Operations and Cyber Threat Management program. • Act as coordinator in the event of escalated cyber threats/incidents for Tier 1 analysts. • Assist in escalated computer security incidents and cyber investigations including computer forensics, network forensics, root cause analysis and malware analysis.

Job Requirements

  • Bachelor's degree required in Information Assurance, Computer Science, Engineering, or related technical field.
  • Three (3) years or more experience in information security administration, offensive tactics, monitoring, and IR.
  • Three (3) years or more experience related security systems administration with endpoint, network, application, and host-based security solutions.
  • Two (2) years or more Cloud computing (e.g., Amazon Web Services, Google Cloud Platform or Microsoft Azure) security configuration and management experience preferred.
  • Knowledge of the incident handling procedures and intrusion analysis models.
  • Foundational knowledge of processes, procedures and methods to research, analyze and disseminate threat intelligence information.
  • Demonstrated advanced knowledge of cyber security operations with a focus area in two or more of the following: Security Operations Center (SOC) operations, Intrusion Detection/Intrusion Prevention Systems (IDS/IPS), Security Information and Event Management (SIEM) use, threats (including Advanced Persistent Threat (APT), insider) vulnerabilities, and exploits; incident response, investigations and remediation.
  • Broad knowledge of general IT with a focus area in two or more of the following areas: operating systems, networking, computer programing, web development or database administration.

Benefits

  • medical, prescription, dental, vision, life insurance and disability insurance options
  • paid time off for vacation, illness, bereavement, family and parental leave
  • tax-advantaged 401(k) retirement savings plan

Related Categories

Related Job Pages

More Security Operations Jobs

Sun King logo

Security Operations Center Analyst

Sun King

Powering access to brighter lives in Africa, Asia, and beyond.

Full TimeRemoteTeam 1,001-5,000Since 2009H1B No Sponsor

• Monitor, triage, and investigate security events across AWS, endpoint security platforms, Google Workspace, identity providers, and other enterprise security solutions. • Review and analyze threat intelligence feeds, Indicators of Compromise (IOCs), Indicators of Attack (IOAs), and MITRE ATT&CK Tactics, Techniques, and Procedures (TTPs) to validate detections, improve monitoring, and enhance detection use cases. • Enrich security investigations using OSINT, domain intelligence, and threat intelligence sources to identify malicious activity and support attribution. • Correlate telemetry from endpoints, networks, cloud environments, identity platforms, SIEM, EDR, and other security tools to build comprehensive investigation context and identify threats. • Design, develop, maintain, and optimize SIEM/SOAR detection rules, playbooks, dashboards, and alerts. Onboard and validate new log sources to ensure complete and normalized visibility. • Perform proactive threat hunting and endpoint/cloud forensics to identify previously undetected threats, determine scope and root cause, and provide evidence to support incident response. • Lead end-to-end incident response activities, including triage, investigation, containment, eradication, recovery, root cause analysis (RCA), reporting, and maintenance of incident response playbooks and standard operating procedures. • Monitor and recommend security improvements across AWS services, including CloudTrail, GuardDuty, Security Hub, IAM, VPC Flow Logs, CloudWatch, and AWS Config, to detect suspicious activity and misconfigurations. • Investigate identity-related threats using authentication logs, privileged account activity, and collaboration platform audit logs. • Administer, integrate, and perform health checks for SIEM, SOAR, EDR, and related security technologies to ensure reliable security operations. • Develop and maintain security automation, internal tools, and integrations using Python, PowerShell, Bash, APIs, and webhooks to improve investigation and response efficiency. • Maintain and optimize threat intelligence repositories, IOC watchlists, enrichment workflows, and dashboards, translating intelligence into improved detections and alert tuning. • Support vulnerability management by reviewing findings, validating remediation efforts, and contributing to risk-based prioritization. • Prepare clear and concise incident reports, root cause analysis documents, threat intelligence summaries, executive updates, and SOC performance metrics. • Collaborate with Infrastructure, Cloud, IT, and Engineering teams to implement security controls, strengthen detections, and coordinate incident response activities. • Evaluate and implement AI-assisted security workflows to improve threat detection, alert triage, investigations, and incident response. • Continuously assess and enhance SOC architecture, monitoring strategy, KPIs/KRIs, automation, and overall SOC maturity in alignment with industry best practices.

India
It4us Cyber Security logo

Information Security Analyst

It4us Cyber Security

Garantindo a Cyber Segurança de nossos amigos e clientes !

Full TimeRemoteTeam 51-200Since 2010H1B No Sponsor

• Implement and configure Google SecOps environments. • Onboard log sources using BindPlane, Syslog, APIs and other integration methods. • Configure and manage collectors and log ingestion pipelines. • Integrate different technologies. • Configure parsers, normalization (UDM), enrichment and validation of collected events. • Develop and tune detection rules and use cases. • Execute acceptance and validation testing of the platform. • Produce technical implementation documentation and operational procedures. • Collaborate with client technical teams throughout all phases of the project. • Support troubleshooting, adjustments and post-deployment optimizations.

Brazil
Commvault logo

Security Operations Analyst

Commvault

Commvault is the gold standard in cyber resilience, helping customers prevail against ransomware at the lowest TCO.

Full TimeRemoteTeam 1,001-5,000Since 1996H1B Sponsor

• Investigate security alerts using tools such as CrowdStrike Falcon Suite, Microsoft Sentinel, endpoint telemetry, identity logs, network data, and cloud security sources. • Perform alert triage and analysis to determine the scope, severity, and potential impact of security events. • Support incident response activities, including investigation, containment, remediation, recovery, and post-incident documentation. • Participate in rotational on-call escalation coverage for higher-priority security events outside normal business hours, as needed. • Write clear incident reports, investigation summaries, timelines, findings, and recommended improvements. • Support selected SOC projects focused on improving detection quality, workflows, playbooks, reporting, automation, and response readiness. • Participate in regular security operations reviews and collaborate with cross-functional teams, including Security Engineering, Threat and Vulnerability Management, Networking, Infrastructure, Identity, and IT Operations.

New Jersey
$54.4K - $120.8K / year

Cybersecurity Operations Analyst II

HARVEST VALUATIONS

Harvest Valuations LLC is an equal opportunity employer. In accordance with anti-discrimination law, it is the purpose of this policy to effectuate these principles and mandates. Harvest Valuations LLC prohibits discrimination and harassment of any type and affords equal employment opportunities to employees and applicants without regard to race, color, religion, sex, sexual orientation, gender identity or expression, pregnancy, age, national origin, disability status, genetic information, protected veteran status, or any other characteristic protected by law. Harvest Valuations LLC conforms to the spirit as well as to the letter of all applicable laws and regulations.

Role Description Harvest is seeking a Cybersecurity Operations Analyst II to join our team on a full-time basis. The Cybersecurity Operations Analyst is responsible for protecting the organization's information systems through the administration of security technologies, continuous monitoring, vulnerability management, incident response, and operational security initiatives. This position works closely with IT teams to maintain a secure environment while supporting the organization's compliance objectives. - Monitor, investigate, and respond to security events, alerts, and incidents across endpoint, identity, cloud, and network security platforms. - Administer and maintain cybersecurity technologies including endpoint protection, vulnerability management, security logging, email security, and identity security solutions. - Perform vulnerability assessments, coordinate remediation efforts with IT teams, and validate corrective actions to reduce organizational risk. - Support security operations by maintaining security documentation, developing operational procedures, and assisting with security audits, compliance initiatives, and customer security assessments. - Participate in the implementation, configuration, and continuous improvement of security controls, technologies, and operational processes. - Assist with user access reviews, security awareness initiatives, phishing campaigns, and other activities that promote a strong security posture. - Collaborate with cross-functional teams to investigate security concerns, support infrastructure projects, and ensure security best practices are incorporated into daily operations. Qualifications - 3+ years of experience in cybersecurity, systems administration, or information technology with a security focus. - Experience administering endpoint protection, vulnerability management, security logging/SIEM, and Microsoft Windows environments. - Working knowledge of Active Directory, Microsoft 365/Azure, networking fundamentals, and incident response processes. - Strong analytical, troubleshooting, documentation, and communication skills. - Ability to manage multiple priorities while working independently and collaboratively in a fast-paced environment. Preferred Qualifications - Experience with CrowdStrike, Microsoft 365 Security, Azure, Log360 or similar SIEM platforms, and vulnerability management solutions. - Familiarity with SOC 2, CIS Controls, or the NIST Cybersecurity Framework. - Industry certifications such as Security+, CySA+, SSCP, or equivalent. Physical Requirements - Prolonged periods of sitting at a desk and working on a computer. - Ability to operate computer equipment. - Ability to occasionally walk, stand, bend, or reach when accessing equipment, cabling, or hardware components. - Ability to communicate effectively in person and via electronic means. Remote Work Environment Requirements - Dedicated, quiet workspace free from distractions to maintain focus and accuracy. - Reliable high-speed internet connection to support secure document processing and collaboration. - Ability to meet deadlines in a remote setting while maintaining attention to detail. - Strong self-discipline and time management skills to work independently and efficiently. - Comfortable using remote communication tools (e.g. email, Microsoft Teams, Zoom) for team collaboration. Benefits - This is a full-time position with competitive compensation and good work/life balance. - Health insurance. - Paid Time Off. - Disability insurance. - Paid holidays. - 401k with employer contribution. - Remote work environment. - Generally, promotion within firm.

United States
$95.4K - $105.8K / year