Security Analyst, Sec Ops Ctr

For more than 75 years, we have amplified products and services based rigorous research and our belief in the power of learning. Driven by our mission to advance quality and equity in education, ETS provides learning solutions, pioneering research and trusted assessments that help guide learners around the world on their path to new possibilities.

Our portfolio of trusted measures include TOEFL®, TOEIC®, GRE® and Praxis®. Along with research, development and innovation that explores new frontiers in learning and measurement our educational measurement solutions and research contribute to the development of new methods and tools, inform important dialogue with education policymakers, and shed light on critical issues and potential solutions - all with the aim of creating a world where all learners can improve their lives through education.

With new senior leadership at the helm, ETS aims to continue changing the lives of all learners as we expand our organization's global footprint. Our goal is to remain at the forefront of assessment and measurement efficacy within the education and ed tech space as it continues to grow and evolve.

Position Summary:

The Security Analyst – Security Operations Center (SOC) will work as part of the Information Security Operations team in the Technology Division (IT) to detect, prioritize, and triage any potential attacks or malicious activities involving ETS's intellectual property, networks, and sensitive data. The ideal candidate will have a thorough understanding of information security, cyber threats, cyber threat actors, and monitoring and detection. The SOC Analyst will be responsible for continuous monitoring, identifying, and investigating of security events and alerts, providing incident response and remediation support, and improving security posture.
Experience and Skills:

Responsibilities:

• Define, identify, and classify information assets, assess threats and vulnerabilities regarding those assets, as well as recommend appropriate information security controls and measures.
• Detect, analyze, respond to, and lead security incidents, including Application and Network attempted and realized breaches. The incident response should include host and network-based log analysis, correlation of network indicators, PCAP data, incident timeline generation, and root cause analysis among other data sources.
• Correlate event data for IDS systems, Firewalls, Secure Web Gateways, SIEM, and other security systems for potential threats.
• Create and modify Kusto Queries (KQL functions) for Azure Sentinel analysis and investigations.
• Research and identify key indicators of compromise (IOC) on the network, servers, and end user workstations.
• Investigate and analyze causes, patterns and trends that can pose a risk to data integrity and information systems.
• Investigate security breaches and create actionable plans to address risks.
• Prepare detailed written analyses of incidents with remediation and prevention documentation.
• Provide briefing of findings to both technical and non-technical senior management audiences and business stakeholders.
• Maintain current knowledge on a wide range of security issues including architectures, firewalls, electronic data traffic and network access.
• Stays current with security news, attacks, threats, vulnerabilities, and technologies and implementing new defenses to secure the threat landscape.
• Adhere to ethical standards and comply with the laws and regulations applicable to the job function.

Knowledge and Skills:

• Strong hands-on cyber security skills, experience and demonstrated competency pertaining to cyber threats, information security, monitoring, detection and responding to security incidents.
• Strong knowledge and understanding of incident response phases (detection, triage, incident analysis, remediation, and reporting), threats, vulnerabilities, and exploits.
• Proven experience designing, implementing, and managing innovative solutions to complex security and infrastructure environments.
• In-depth understanding of operating systems, network/system architecture, protocols, and enterprise services, and enterprise architecture design.
• Ability to analyze different data types from various sources and draw conclusions regarding past and potential current security incidents.
• Experience and/or knowledge of Security Information and Event Management (SIEM) systems.
• Capability to quickly script and parse data.
• Ability to work independently, self-motivate and work within in a team environment.
• Strong critical thinking, analytical and technical problem-solving skills.
• Excellent verbal and written communication skills.

Education and Experience:

Education, Certifications, or Special Licenses:

• A bachelor’s degree in Computer Science, Computer Engineering or an equivalent combination of education and experience from which comparable knowledge and abilities can be acquired.
• GIAC Certified Incident Handler (GCIH), GIAC Certified Intrusion Analyst (GCIA), GIAC Network Forensic Analyst (GNFA), AWS Certified Security – Specialty or other industry relevant certifications (Cloud-focused).

Relevant Years of Experience Required:

• Minimum 3 years of progressively responsible experience in an Information Security and/or Cyber Operations environment for mid to large sized organization with familiarity of industry-standard security solutions.
• Minimum of 3 years’ experience with Perl, Python, or other scripting language in an incident handling environment.
• Cloud Security experience required.
• Experience with core AWS services such as EC2, VPCs, S3, SNS, Lambda, CloudWatch and CloudTrail and AWS security consoles such as GuardDuty, Macie, etc. is a plus.

#LI-NA1

#LI-REMOTE

ETS believes in a Total Rewards philosophy for our employees, and they include:

• Health, Vision, Dental insurance plans to choose from
• Generous continuous learning support, from individual learning grants to up to 6 classes a year for tuition reimbursement as well as on-line learning access!
• Generous PTO and vacation time to balance your work and life
• Additional 8 hours of PTO for volunteer work
• Retirement plan (401(a)) and traditional Roth (403b) with company contribution
• Commuter Benefits, Pet Insurance, 1 year subscription to Calm App

ETS is mission driven and action oriented

• Diversity, equity, inclusion, and belonging is at the forefront of the ETS employee's daily work. To further foster an inclusive environment ETS is home to a wide variety of Affinity groups that celebrate the diversity of our talented employees.
• How about cultivating growth, innovation, and continuous transformation for the next generation of rising professionals as leaders? ETS offers multiple Business Resource Groups (BRG) for you!
• Are you passionate about volunteering and being active in your career and community? ETS offers our Center for Advocacy & Philanthropy (CAAP) where we encourage ETS employees to become active volunteers in their communities and schools through the ETS Cares Giving Campaign. Our employees can support any 501c3 or eligible charity of their choice.

ETS is an Equal Opportunity Employer comprised of people with different experiences, strengths, and backgrounds who share a passion for advancing quality and equity in education. We are dedicated to building teams that reflect the various backgrounds, experiences, and identities of those we serve. The Talent Acquisition team strives to ensure candidates enjoy a fair and equitable hiring process. We believe our differences empower us to be a better team, making better decisions and delivering better results.
From: Educational Testing Service