Job Description

The Threat Management organization at Omnissa is looking for a Senior Information Security Analyst who is passionate about redefining, reimagining, and contributing towards building a robust and resilient information security posture. Information security is about harnessing the power of security expertise built on a solid foundation of threat analysis, risk management, compliance, and incident response. This role requires flexibility in work hours, including participation in an on-call rotation to ensure 24/7 coverage. Additionally, working outside regular business hours may be necessary to respond to emerging threats or incidents. At Omnissa, we are committed to helping our people grow professionally. Our talented employees exemplify our shared values and continue to drive our company to new heights.

Job Role and Responsibility

• As a Senior Information Security Analyst, you will be a subject matter expert in monitoring, analyzing, and responding to security event data from various sources, including logs, network traffic, and threat intelligence feeds.

• Manage the incident response process from initial detection through containment, eradication, recovery, and post-incident activities. Develop and maintain incident reports and provide insights to stakeholders on incident causes, impacts, and lessons learned.

• Administer and optimize security tools, such as SIEM systems, intrusion detection/prevention systems, and threat intelligence platforms. Collaborate with other teams to ensure the effective integration of these tools into the overall security architecture.

• Share knowledge and expertise with junior analysts and other stakeholders through training sessions, documentation, and informal guidance. Participate in the development of security procedures, playbooks, and other documentation to support the SOC team's mission.

• Continuously evaluate and improve the effectiveness of security processes and tools, identifying opportunities for automation and streamlining workflows to enhance efficiency and reduce risk.

Required Skills

• You should have a minimum of 5 years of work experience in the Security Monitoring and Incident Response space.

• Experience with SIEM systems, including configuration, tuning, optimization, and threat detection creation.

• Understanding of cloud security principles, including Azure security best practices and Microsoft Defender for Azure.

• Familiarity with endpoint detection and response tools, such as Crowdstrike Falcon.

• Experience with DLP solutions, including Trellix DLP, to identify and prevent sensitive data exfiltration.

• Knowledge of IAM principles and Microsoft Identity solutions to ensure secure authentication and authorization.

• Ability to manage the incident response process from initial detection through containment, eradication, recovery, and post-incident activities.

• Experience with SOAR tools to streamline security workflows and automate tasks. (Swimlane Turbine experience is preferred)

• Proficiency in scripting languages, such as Python or PowerShell, to automate security tasks and develop custom tools.

• Ability to analyze complex data sets and identify potential security threats.

• Excellent verbal and written communication skills to collaborate with stakeholders and provide insightful analysis.

• Commitment to ongoing learning and professional development in the field of cybersecurity.

• Knowledge of relevant compliance frameworks, such as HIPAA, SOC2, ISO, or PCI-DSS, to ensure security controls are aligned with regulatory requirements.

• Capacity to work effectively in a dynamic environment with multiple priorities and deadlines.