This is your opportunity to join AXIS Capital – a trusted global provider of specialty lines insurance and reinsurance. We stand apart for our outstanding client service, intelligent risk taking and superior risk adjusted returns for our shareholders. We also proudly maintain an entrepreneurial, disciplined and ethical corporate culture. As a member of AXIS, you join a team that is among the best in the industry.
The Security Analyst plays a critical role in enterprise monitoring within the AXIS SNOC. The candidate is part of a larger team which is responsible for 24X7X365 Monitoring, Detection, Response, and Remediation in a highly dynamic, fast-paced and rewarding environment. The successful candidate will work within the security spectrum of the SNOC actioning alerts, performing content development, tuning recommendations, proactive hunting, and applying security intelligence to the technology stack.
CORE JOB RESPONSIBILITIES:
- Able to analyze security events from multiple sources and prioritize alerting. Understand detection tools and methods for correlating events following established procedures. Dispositions events with a high degree of confidence, flags opportunities for tuning, escalation, and communication of high severity events to leadership.
- The SOC analyst is essential in execution of mission critical projects. Interfaces with stakeholders, and prepares plans, including but not limited to, quality, risk and communications. Maintains documentation of activities against the project schedule and provides deliverables to SOC leadership.
- Works in close coordination with Senior SOC and Security Operations Leadership for security solutioning selection and content development (tuning and use case development). Designs and builds dashboards and reporting as needed for SOC and other lines of business.
- Understand company culture and business processes; is empowered to identify alternative solutions and recommends new approaches. Assists in the requirements for the implementation of changes in the business process. The SOC Analyst is a driver for security awareness.
- Receives and addresses requests for support. Contributes to creation of support documentation.
- Provides security guidance and is an escalation contact for IT analysts in other towers.
- Collaborate with other members of the Security and Networking organizations to create and maintain standards and operating procedures, and provide information as appropriate to manager, project manager, and various departments within the Company.
- Able to work in development of security solutions, implementations of proposed solutions, and continuous tuning and development.
REQUIREMENTS FOR CONSIDERATION:
- Bachelor’s degree in Computer Science, a related field, or applicable work experience.
- 3-5+ years of cyber security experience in SIEM, Vulnerability Assessment, Incident Response, Firewall Management/Auditing, Endpoint, and/or IDS/IPS
- Preferred certifications include GIAC, OSCP, CEH, Security +, CCNA/IE Security
- Strong desire and aptitude to learn new technologies
- Motivated to continually provide input to enhance the Security Program
- Experience in working in a Security Operations Center (SOC) is preferred
- Experience reviewing and hardening OS and network configuration
- Understanding of BGP, MPLS, OSPF, etc. – Routing and switching
- Experience with Python and other scripting languages.
- Knowledge of SIEM platforms including content, tuning recommendations, as well as alert response is desired
- Knowledge of UNIX/LINUX systems
- Demonstrates decision making, problem solving and analytical skills with attention given to detail and accuracy
- Strong team player with ability to work with IT teams beyond the Security Tower
- Ability to work with a large degree of autonomy and minimal supervision.
- Excellent communication skills
- Follow-up, follow through, and deliver quality results within defined SLAs
- Able to prioritize events and provide guidance in alert management priority
- Experience with targeted cyber-attack analysis.
- In-depth knowledge of HTTP and headers, SMTP and headers, FTP, SSH, and TLS.
- IDS monitoring/analysis and content creation with tools including Snort, Regex and Yara signatures at an intermediate/advanced level.
- Ability to read and interpret PCAP data both in a GUI and in hexdump format.
- Ability to perform both static and dynamic malware analysis at a basic level preferred.
- Able to adapt to rapidly changing technologies and apply them to evolving business needs
- On-call support is required 24X7 in a rotational schedule
- Minimal travel required (training/conferences)