Vacancy expired!
L2 Security Analysis AdvisorBedford, MA or Round Rock, TX or RemoteThe Dell Security & Resiliency organization manages the security risk across all aspects of Dell’s business. We are currently experiencing incredible growth in order to meet the security needs of the world’s largest technology company. With team members located in over 15 countries, you will have an excellent opportunity to influence the security culture at Dell and further develop your career.Dell is a worldwide provider of information technology services and business solutions to a broad range of clients. We seek men and women who share our values, thrive in a team environment, and recognize the importance of accountability; people who strive to exceed expectations to ensure our Clients' success.Reporting to the Dell Global Incident Response Team, the Security Analysis Advisor is responsible for investigating and reporting of major security incidents supporting all Dell business units and mergers & acquisitions. This role requires experience in all phases of Cyber Security Incident Response including preparation, analysis, notification, response, recovery, and post-mortem. The Global Incident Response Team is responsible for coordinating with IT, Legal, Human Resources, and other appropriate business units to gather incident details, assess impact, and coordinate response. This role interacts with all levels of the organization, particularly within the Global IT organization and is viewed as a subject matter expert.The focus of the role is primarily responding to security incidents, managing and consistently maturing the security incident response process to meet the needs of Dell, and building the Global Incident Response Team's technical investigative capabilities (process & technology).Key Responsibilities
Supervise formal incident response tasks.
Form and lead a leveraged virtual incident response team with the various global IT teams and business units and coordinates resources to effectively perform incident response tasks.
Take responsibility for successful execution of incident response plan.
Present incident response report and lessons learned to management.
Identify and recommend process improvements.
Provide security control enhancement recommendations based on security incident data.
Mature the Security Incident Response process to ensure it meets the needs of the global business and is adhered to.
Respond and perform technical security investigations on security incidents, root cause analysis, recommend and mitigate the effects caused by an incident.
Communicate and build effective relationships with people at all levels.
Manage and drive to closure all Audit issues to the Incident Response and Management process.
Attend internal and vendor training if and when required.
Communicate and educate information security risks to end-users.
Design and coordinate cohesive responses to security events that involve multiple teams across the organization.
Build security utilities and tools for internal use that enables you and your fellow team mates to operate at high speed and broad scale.
Analyze large and unstructured data sets to identify trends and anomalies indicative of malicious activities.
Perform deep dive analysis of malicious artefacts.
Provide situational awareness on the current threat landscape and the techniques, tactics and procedures associated with specific threats.
Review, analyze and resolve difficult and complex information security incidents.
Develop new approaches and techniques for use by others.
Work with the Security Response Center analysts on incident response tickets and manage / prioritize queue assignments.
Document and communicate findings.
Plan and execute annual Security Incident Response table top exercises.
Requirements
Proven ability to think analytically and solve technical and business problems required
Exceptional ability to analyze and distill relevant findings and determine root cause
Ability to conduct investigations on compromised computers and servers
Proficiency in conducting live assessments on networks, and multiple platforms
Experience in Log and Event analysis as well as correlation of data
Hands-on experience in building automated tools in one or more of the following languages: Python, Ruby, PowerShell, Bash, Batch, C, and C Strong knowledge of web technologies, networking protocols, Microsoft Windows and Linux/Unix platforms and tools
Excellent command in English, both written and verbal
Ability to exercise discretion and maintain confidentiality
Excellent time management skills
Excellent coordination skills
Experience in project management / coordination or working in a project team
Reliability, diligence and self-management
Strong customer service skills
Positive and professional attitude
Ability to work in a dynamic and multicultural environment
Technical experience and familiarity of various types and techniques of cyber-attacks.3 - 5 years hands-on experience with focus in areas such as systems, network, application, and information security
ITIL Service Management and/or SANS Advanced Digital Forensics and Incident response qualification (FOR508) is a plus. Tertiary qualifications in Information Systems and specialization in Information Security
Must possess either one or more of the following certifications – CISSP, CEH, CHFI, CISA, CISM and/or PM
Dell is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex (including pregnancy), sexual orientation, gender identity and/or expression, national origin, protected veteran status, disability, genetics, or citizenship status (when otherwise legally authorized to work) and will not be discriminated against on the basis of such characteristics or any other status protected by the laws or regulations in the locations where we operate. Dell encourages applicants of all ages.
Vacancy expired!