DevOps and Security
Security Operations Center Analyst
Are you a seasoned Security Operations Center Analyst willing to grow as a professional and work on large-scale projects, using a technology stack that is both diverse and cutting-edge? Are you passionate about innovative and top-notch software solutions and want to be part of a team of like-minded professionals? Do you enjoy working in a fast-paced, yet collaborative environment?
If your answer is “Yes”, we would love to talk to you.
Who are we looking for?
In this position you will be an integral part of a developing enterprise Information Security Program. Your focus will be on security threat identification and incident escalation activities, as well as working with engineers to design and implement more effective security monitoring solutions. As a Security Operations Center Analyst at Shutterfly, you will be exposed to all areas of information security as we continue to grow our team. This is an excellent opportunity to push your career and flex your skillset in all areas of security operations.
What are your responsibilities going to be?
Monitor and interpret data from a number of security monitoring platforms (e.g. IPS/IDS, Next-Gen Firewall, heuristic endpoint protection tools, vulnerability scanners, etc.)
Perform log analysis and network forensics to support the incident response mission.
Execute incident response processes and procedures
Monitor public security advisories and alerts for information related to threats and vulnerabilities
Monitor and respond to alerts supporting the identification phase of the incident response process.
Provide support for incident response and vulnerability management efforts.
Drive efforts to improve and further build out the security monitoring tools.
Maintain knowledge of current security trends and be able to clearly communicate them to the team.
Support Information Security team in all areas of information security
Document all incident analysis and response activity in a structured ticketing system
Generate shift-handoff documentation and facilitate knowledge transfer to oncoming analysts
What qualifications are needed?
Associate of Science in CIS/MIS/CS/CE, Engineering/Technology or related field or equivalent experience/training.
3-6 years working within Information Technology and 1-2 years specifically in a security operations or threat/vulnerability management role.
Must be well organized, thrive in a sense-of-urgency environment, leverage best practices, and most importantly, innovate through any problem with a can-do attitude.
Must understand various logging methods and security event terminology
Demonstrated oral/written communication and client-facing skills
What would be considered as an advantage?
Security+, GSEC, GCIH, GCIA certifications
Experience with internal security assessments/reviews
Understand information security concepts, protocols, "industry best practices"
Understand malware analysis, packet analysis and forensic investigation techniques
Hands-on experience with security technologies from the following vendors preferred: Splunk or other comparable SIEM tools, Palo Alto Networks firewalls, heuristic endpoint protection tools
Experience with Endpoint Security and MDM solutions
Sofia, Plovdiv, Varna, Burgas, Skopje