What are the responsibilities and job description for the Security Analyst position at The Mice Groups, Inc.?
We are seeking a Senior Security Analyst for a Direct Hire/FTE position in Redwood City, CA. This position is onsite in Redwood City, CA.
Summary:
We are seeking an experienced Senior Security Analyst to join our team in ensuring the security and integrity of our systems and data. The ideal candidate will leverage experience in security processes, capabilities, and technologies to design and implement solutions that protect systems, data, people, and processes.
This role will help execute a strategic vision for security solutions that align with the company's overall business goals and objectives. Executing in an iterative fashion, this position will be involved in evaluating and managing solutions for threat detection, incident response, and risk management across all threat surfaces (endpoints, servers, email, social, cloud, etc.). This role will be hands-on and will also require working adeptly with multiple internal and external teams, including managing vendor relationships. This person will be well-versed in security metrics and performance measurement, working closely with other InfoSec colleagues to update reports and dashboards necessary for continuously monitoring, measuring, and learning from our tactics.
The Security Analyst will be reporting to the VP, IS Security, Risk, and Compliance.
Responsibilities:
• Contribute to the design, implementation, and maintenance of security platforms and tools.
• Help develop and execute a strategic vision for security solutions that align with the company's overall business goals and objectives.
• Ensure the reliability and compliance of data across all digital systems and processes.
• Foster a culture of continuous improvement and innovation within the Information Security team.
• Monitoring and identifying potential threats from vulnerabilities via an Exposure Management platform. Triaging remediation efforts through patch management (BigFix) or manual intervention.
• Implement and manage cloud security configurations to protect sensitive data and ensure compliance with ISO and NIST standards.
• Using token security and SaaS security platforms, reviewing alerts and monitoring non-human identity posture and SaaS application configurations to verify proper IT hygiene and best practice recommendations.
• Deploying and maintaining Endpoint Security solutions to detect and respond to threats and device control events (USB). Additional threat hunting may be required to validate incidents.
• Daily validation of Identity Threat Protection data to safeguard user identities and prevent unauthorized access.
• Perform regular security assessments and audits of production to ensure the effectiveness of security controls.
• Daily monitoring of and response to alerts captured by the on-prem network detection and response solution.
• Stay up to date with the latest cybersecurity trends, threats, and technologies.
Required Skills, Experience and Education:
• Hands-on experience with Astrix Security, Darktrace, CrowdStrike's Endpoint Security, Exposure Management, and Identity Threat Protection modules is a plus. Other EDR, NHI and NDR experience is acceptable.
• Proven experience in cloud security within Azure and AWS.
• Experience in runbook development via a SOAR (Security Orchestration Automation Response) platform is preferred.
• Excellent communication and teamwork abilities.
• Strong analytical and problem-solving skills.
Preferred Skills:
• Experience with patch management platforms like BigFix.
• Relevant certifications such as CISSP, CISM, Security or CrowdStrike University certificates.
• Familiarity with security frameworks and standards such as ISO and NIST.
• Ability to work in a fast-paced environment and manage multiple tasks simultaneously.