Inventories assets, identifies vulnerabilities and threats, monitors for security events, manages incident response and conducts forensic investigations. Participates in monitoring, detection, analysis, resolution of security events and provides containment recommendation. Continuously analyzes alerts and logging, as well as developing new triggers and reporting within Security Information and Event Management (SIEM) and log retention and management tools. Adjusts Security Information and Event Management (SIEM) filters and correlations to continuously improve monitoring and reduce false positives.

Performs discovery, network vulnerability scans, application vulnerability scans and penetration tests. Identifies and reports on vulnerabilities. Adjusts vulnerability scanners to reduce false positives. Collaborates with Information Technology (IT) and other stakeholders to remediate vulnerabilities or implement compensating controls.

Monitors the threat landscape to identify new threats to the environment. Conducts reconnaissance to identify Aurora-specific intelligence. Manages security incident handling efforts in response to a detected incident, and coordinates with other stakeholders. Conducts forensics investigations or manages third party forensics firm. Maintains awareness of trends in security regulatory, technology, and operational requirements.

Performs inventory of assets including networks, systems, devices and applications and their data classification. Performs operational security administration and maintains standard operating procedures, processes and guidelines. Automates analysis, administration and remediation procedures, workflows and tasks.

Licenses & Certifications

None Required.

Degrees

Bachelor's Degree in Information Technology or related field.

Required Functional Experience

Typically requires 3 years of experience in Information Technology (IT) security.

Knowledge, Skills & Abilities

Experience working in an IT Security Operations Centre, using SANS methodology.Experience and extensive knowledge of Vulnerability Scanners, Application vulnerability scanners, and security Information Event Management systems, system and network security, and forensics tools . Extensive knowledge of networks, systems, devices and applications.Strong troubleshooting, reasoning and problem solving skills.Team player with strong customer service, prioritization and time management skills.Organizational skills and the ability to work autonomously with a strong attention to detail and processes.Ability and experience in writing clear and concise technical documentation.Strong verbal communication skills and the ability to effectively interact with all levels.Ability to manage multiple priorities with tight deadlines in a dynamic work environment.Ability to adapt to changing technologies and learn new technologies.