Job Description :
Position : Security Operations Analyst (III)
Location : San Jose, CA
Duration : 12+ months Contract

Responsibilities:
Manage day-to-day security operational tasks such as security event monitoring, log monitoring and security incident management, compliance monitoring, data loss prevention, and monitoring and responding to emerging threats ranging from endpoint to server to public cloud systems.
Act as primary support contact for security incidents, and provide direction to infrastructure and applications teams to initiate incident response. Liaise with internal and external parties to address security concerns. Perform root cause analysis so we can continuously improve our prevention, reaction, and remediation of incidents.
Perform ongoing vulnerability assessments including vulnerability scanning and vulnerability exploit testing (penetration testing) with clear reporting, threat identification and action plans for remediation with prioritization. This will also include any assessments for changes that the security team has identified as requiring a vulnerability assessment prior to release.
Support the IT leadership in obtaining quality data from the appropriate sources to publish security metrics on an ongoing basis.

User Administration – Tactical:
Act as the centralized user access administrator for the key, critical applications and infrastructure used at Matson to ensure proper segregation of duties. This will involve provisioning and terminating user access based on established access and termination controls.
Assist with the development, implementation, and administration of security awareness training for the enterprise.
Act as a key point of contact for SOC audits as related to user provisioning and terminations.
Perform special projects as assigned.

Qualifications:
Bachelor's Degree in Computer Science (or equivalent degree) with 6+ years hands-on security experience. Security certifications a plus.
Background in security operations, project management, or information security, with knowledge of Cloud security models and controls (AWS)
3+ years of experience in technical security positions, SOC experience preferred
Strong experience with SIEM tools like Splunk or ELK and AWS advanced security tools (Evident.io, RedLock or Secureworks).
Strong security research and root cause analysis skills to identify and analyze potential security vulnerabilities
Experience with compliance (PCI, HIPAA)
Experience working with internal and external auditors on compliance initiatives
Customer service experience/Strong customer focus to analyze customer reported security issues
Experience with Identity and Access concepts and technologies to secure production and corporate access, such as SSO, SAML Federated Identity, RBAC, authentication and authorization solutions, etc.
Strong understanding of web vulnerabilities and weaknesses (cross-site scripting, cross-site request forgery, etc.)
Ability to multi-task in a fast-paced environment

Technical Requirements/Competencies:
Self-organize: ability to plan, document, and execute complex tasks to a high-quality standard
Working understanding of networking concepts and protocols (BGP, TCP/IP layers, DNS, SMTP, SSL, etc.)
Experience managing vulnerability scanning tools (Qualys, Rapid7, Nessus, etc.)
Technical knowledge in system and network security, authentication and security protocols, and application security
Strong understanding of web technologies (protocols, programming techniques, browsers, etc.)
Intermediate Windows and Mac skills to assess endpoint incidents
Superior communication skills, including written communication using MS Office (PowerPoint, Word, Excel)