Cybersecurity Analyst (SIEM & DLP)
Are you passionate about detection analysis and response to cyber threats? Do you thrive in a fast-paced environment that will rely on your ability to distinguish between false alarms and potential threats?
As a Cybersecurity Analyst, you will leverage your experience with a variety of monitoring and analysis tools to provide crucial situational awareness to our network and systems. You will work closely with members of your team to identify and escalate potential threats to key NLG stakeholders.
Not only will this role provide access to cutting-edge detection tools and technologies, but you will also be empowered to make a real impact on security operations. You can expect your feedback will be implemented in the tuning and development of our program.
Join us and be part of a dynamic team that is shaping the future of security operations at National Life Group!
Duties and Responsibilities:
- Support, handle, and respond to DLP incidents and alerts.
- Monitor, discover, and analyze potential threats raised by a variety of technology tools (such as EDR, NSM, and SIEM).
- Triage incidents according to risk and potential impact. Escalate when appropriate.
- Analyze root causes for true and false positive alerts.
- Create and review reports and dashboards that aggregate audit and analysis tasks.
- Monitor industry trends and emerging threats and recommend appropriate solutions to mitigate risk.
- Communicate feedback to be used in the continuous improvement lifecycle of our detection technologies.
Qualifications:
- Bachelor’s degree in computer science, cybersecurity, or related field, or equivalent experience.
- Minimum of 5 years of information security experience relating to continuous security monitoring and/or incident response.
- Expertise in configuration and response for DLP systems (Cloud, Email, Network, and/or Endpoint).
- Proven experience with SIEM and related technologies, native OS and cloud logging, EDR, and incident management systems.
- Ability to analyze and interpret complex security events, logs, and network traffic to identify indicators of compromise (IOCs) and potential threats.
- Exemplary analytical and problem-solving skills.
- Strong understanding of Windows and Linux operating systems, networking principles, and cloud technologies.
- Demonstrated commitment to continuous learning and professional development.
- Excellent communication and interpersonal skills.
- While not mandatory, candidates who additionally possess the following would be highly desirable:
  - Relevant industry certifications such as GSEC, SSCP, GCIH, GMON, GCED, CySA+, or CASP+.
  - Expertise in scripting or automation using tools such as PowerShell, Python, and/or Bash.
#LI-CS
#LI-Hybrid