Note: The job is a remote job and is open to candidates in USA. Southern New Hampshire University is a team of innovators dedicated to transforming lives through education. The Information Security Analyst I will play a crucial role in the Security Operations Center, focusing on threat detection, monitoring, and incident response to protect the university's technology resources.
Responsibilities
- Respond and perform analysis on security alerts and incidents
- Support technical investigations of complex or high-severity security threats or incidents
- Coordinate information security incident response with SNHU's Information Security Incident Response Plan
- Support the incident response lifecycle and have the analytical mindset needed when it comes to escalated investigations and investigations into novel security incidents
- Participate in incident containment and eradication activities like endpoint isolation, malware remediation, forensic analysis, malware analysis, community member interviews, and network traffic analysis
- Work cross-functionally across ITS and all SNHU teams to provide support, guidance, and technical implementations where appropriate, to include triage, containment, and remediation when applicable
- Analyze digital evidence to identify indicators of compromise, adversary activity, root cause, incident timelines, and attack vector(s)
- Conduct real-time monitoring of security events from multiple sources and use analytical and critical thinking skills to identify, triage, analyze, investigate, and escalate information security events and alerts
- Help perform investigations in complex or high-severity security threats or incidents
- Communicate with partners, in a non-technical manner, at all organizational levels as part of incident response and remediation activities
- Review and help implement standard operational processes for handling common incident types
- Demonstrate a deep source of ethics, integrity, and confidentiality
- Can remain calm and function at the highest level during a crisis
Skills
- 2+ years working in a security operations center (SOC), a cybersecurity operations center or on a cybersecurity incident response team
- Bachelor's degree
- Professional Certification(s): CySA+, Sec+, or relevant certification
- Understanding of MITRE ATT&CK Framework, Cyber Kill Chain, and cloud security principles
- Familiarity with basic SIEM technology or EDR tools
- Experience with IT networking
- Experience with cloud security
- Experience with Search Processing Language (SPL) or Kusto Query Language (KQL) with an ability to create complex queries for log analysis and security monitoring
- Experience with enterprise security tools like Splunk, Tenable, Proofpoint tools, Microsoft Defender components, Office 365 tools, PowerShell, and multiple network tools
- Experience with Cloud Platforms (Azure), security controls, and assessment techniques
Benefits
- High-quality, low-deductible medical insurance
- Low to no-cost dental and vision plans
- 5 weeks of paid time off (plus almost a dozen paid holidays)
- Employer-funded retirement
- Free tuition program
- Parental leave
- Mental health and wellbeing resources
Company Overview