Security Operations Analyst II

Blackberry Limited Arlington, VA
Worker Sub-Type:

Regular

Job Description:

Job Description Summary

The U.S. Cyber Security Operations Services (CSOS) team performs security continuous monitoring and response, hunting for threats, and technical implementation and support of security tooling and applications for BlackBerry products in FedRAMP cloud environments. FedRAMP requires that cloud solution providers continuously monitor their FedRAMP environments, meet stringent reporting requirements for all incidents, rapidly address known security weaknesses documented in Plan of Action and Milestones (POAM), identify and document new and evolving risks, and provide Federal customers with quarterly reports and annual assessments.

As a Security Operations Analyst II, you will work with the CSOS team to evaluate the security posture of the FedRAMP environments, analyze event data collected by CSOS security tools, and generate specific recommendations with respect to suspected threats and how to mitigate them. The Analyst II will be a key member of the CSOS team. You will generate specific recommendations on system, security tool, and process changes that will enhance the overall security of the FedRAMP environments being monitored.

Responsibilities Include:

* Ensuring the integrity and quality of our incident detection and containment processes and assisting in the execution of these processes as required. These processes support the handling of malicious activity, including network security incidents, malware, unauthorized access, security policy violations, intellectual property leaks, and responsible disclosures.

* Identify opportunities to improve existing processes, procedures, reporting and tasks.

* Analyze server and network logs to detect violations of security controls, and collect data required for forensic analysis.

* Develop use cases and support the continuous improvement of the monitoring and detection capabilities.

* Assisting with the support, administration, and evolution of BlackBerry product FedRAMP environment and security tools used.

* Provide 2nd/3rd level problem solving expertise to resolve complex issues and identify root cause.

* Build and maintain partnerships across the CSOS team, Compliance team, subscribing Federal customer cyber security offices, and the BlackBerry Global security team in Waterloo, Canada.

* Assist in monitoring security alerts for potential events/incidents as well as trending and historical analysis and ensuring all incident reports are complete and written within standard operations. Conduct research to maintain and expand knowledge on the latest cybersecurity technologies and standards, as well as the threat landscape.

* Plan and implement security measures to protect networks and data.

We are looking for individuals with the following skills & qualifications:

* The ideal candidate will have 5+ years of experience as a Security Analyst or Security Operations Specialist

* College degree in Computer Information Systems or Computer Science

* Practical experience and extensive knowledge of HPE ArcSight, including developing queries, filters, data models, and dashboards is required

* Knowledge of security practices and essential security technologies (AV, FIM, HIPS, NIPS, SIEM, WAF/DAM, DLP, IDS/IPS).

* Experience managing Linux/UNIX and Windows based devices at the System Administrator level. Understanding of systems administration, intrusion detection and vulnerability analysis.

* Experience with methods for ethical security hacking/penetration testing.

* Familiar with the tools and techniques used by ethical hackers including vulnerability scanners and network mapping tools.

* Excellent communication skills to be able to work with individuals at all levels of the organization and with third party vendors.

* Experience with security testing tools, development of threat assessments and security testing methodologies would be an asset

* Detail oriented with strong analytical and organizational skills.

* Self-motivated.

* Some experience as a front line security analyst or similar security role.

* Legally eligible to work in the United States

* Security certifications such as CISSP, CEH, GCIH, CISM and SIEM certificates are a strong asset.

* Understanding of FedRAMP controls and Federal agency security requirements and processes considered a plus.

Scheduled Weekly Hours

Regular office hours (9am – 5pm)

40 hours a week

Office Location in Washington D.C - TBC

Job Family Group Name:

Information Technology
