Role Summary
The IT Security Operations Specialist I directly participates in Global Security Operations activities including prevention, detection, and response to IT security incidents worldwide. The role supports a wide range of IT security activities including monitoring of alerts, investigation of alerts, incident response, vulnerability response, threat intelligence, and digital forensics. It may also assist with the implementation of IT security strategy and perform technical risk and vulnerability assessments at the network, system, and application levels, including developing and implementing security controls and operational risk mitigations.
Responsibilities
- Demonstrates a high level of knowledge in information technology and IT security domains such as incident response, vulnerability assessment, and threat intelligence
- Works under general direction and collaborates to determine and develop new approaches and solutions
- Handles complex tasks such as security event analysis, vulnerability assessment, and reporting, frequently with defined procedures in place
- Often delivers results in own role that have a significant impact on security operations functions such as incident response, vulnerability management, and threat intelligence, through application of expertise and established process in these functions
- Leverages knowledge of topics such as networking, operating systems, application architecture, cloud, log management, SIEM, SOAR, case management, and investigative techniques
- Serves as area specialist within one function within Global Security Operations. Within this function the individual takes accountability for closure of their assigned tasks and commitments
- Engages in frequent internal and cross-organizational contact. Represents organization in providing solutions to technical issues associated with specific projects
- Operates common tools and systems for vulnerability assessment, network intrusion detection, intrusion prevention, network analysis, log management, SIEM, and SOAR. Applies subject matter knowledge to solve common needs such as verifying vulnerabilities, confirming security incidents, developing reports, and resolving system errors
- Proactively works to sustain operations through activities such as procurement and renewals for software and hardware support. Plans for systems licensing, lifecycle management, and capacity. Gathers quotes and requests purchasing of software, services, and hardware as needed for projects. Participates in the IT Security planning and budgeting process
- Demonstrates ability to identify better practice and create improvements in methods, techniques, approaches, etc.
- Participates in evaluation of new security tools, techniques, and technologies
- Applies knowledge of common enterprise IT architectures, platforms, and services such as client/server, SaaS, PaaS, and IaaS
- Applies information security knowledge of common threats, vulnerabilities, and exposures applicable to IT systems
Qualifications
- Required: A Bachelor's degree in Computer Science, Information Systems, or Information Security is required; relevant experience may be substituted for degree when appropriate
- Required: A minimum of 2 years of relevant experience
- Required: Ability to develop and maintain relationships within the global organization
- Required: Strong attention to detail is required
- Required: Knowledge of incident response is required
- Preferred: Vendor neutral technical certifications (CISSP, CISM, GCIH)
- Preferred: Vendor sponsored and professional certifications (Microsoft, AWS, etc.)
Skills
- Information security concepts and IT security domains including incident response, vulnerability assessment, and threat intelligence
- Ability to work under general direction and collaborate to develop solutions
- Experience with security tooling such as SIEM, SOAR, and vulnerability scanners; ability to perform security event analysis, vulnerability management, and reporting
- Knowledge of networking, operating systems, application architecture, cloud, log management, case management, and investigative techniques
- Strong communication and ability to engage with IT operations, development teams, and line of business stakeholders
- Understanding of common enterprise IT architectures (client/server, SaaS, PaaS, IaaS) and common threats, vulnerabilities, and exposures
Education
- Bachelor's degree in Computer Science, Information Systems, or Information Security, or equivalent practical experience
Additional Requirements
- 5% overnight travel required