Under the guidance of the Global Director, Security Operations, assist with the overall design, analysis and execution of Security Operations Center tasks, including but not limited to the areas listed below.
Specific areas of responsibility may fall into any one of the following areas of Security Operations, as assigned by the analyst's management.
The Global SOC Analyst will have multiple security-related roles within the organization. Their main goal will be to provide a secure computing environment in which the organization can conduct its business. The global security operations team will have overlapping duties; however, each role will have its own more narrowly focused duties. As such, the role and essential duties will fit most closely into the classifications below.
Along with the responsibilities below, all Global Information Security Analysts will be responsible for helping to identify gaps in our protection strategy and areas of risk, researching solutions, developing options, and making recommendations for closing gaps or managing and mitigating the identified risks. They will also be responsible for providing technical expertise during incidents and investigations.
The analyst will be responsible for creating technical security standards for technologies within the scopes of responsibility below and for auditing compliance with those standards.
Threat and Vulnerability Management – recommend, design and manage the vulnerability management process, including but not limited to patching, intrusion prevention, vulnerability bulletins, penetration testing, malware prevention and incident response. Develops a common set of security tools, defines operational parameters for their use and conducts reviews of tool output.
Security event detection and response – manage the tools and processes for the organization's SIEM as well as any other event detection and response tools. Write standard operating procedures, train operations staff, and hand remediation over to operations.
Security toolbox management – with assistance from all Global SOC analysts, evaluate, assess and implement new security tools to keep the security team current on the latest threat management, remediation, prevention and reporting tools.
Incident Management Process and Forensics – assist in providing forensic capabilities for the incident management process when needed. Monitor and manage security-relevant infrastructure logging, including perimeter network devices, malware prevention and intrusion prevention systems.
Definition and implementation of controls – define security configuration and operations standards for security systems and applications, including policy assessment and compliance tools, network security appliances, and host-based security systems. Develop and validate baseline security configurations for operating systems, applications, and networking and telecommunications equipment.
Endpoint Protection Strategy – formulate the company's endpoint protection strategy, including but not limited to malware protection, host intrusion prevention, encryption, browser protection and hardware-level security controls.
Network infrastructure security – responsible for determining and maintaining the technical standards for the configuration of routers, switches, firewalls, IPS and IDS devices.
Organization/department: Global Security Operations
Reports to: Global Director, Security Operations
Direct reports: none (individual contributor).
Leadership and People Responsibilities