Information Security Analyst (SIEM/Tools)

Total System Services, Inc. Columbus, GA
Every day, the people of TSYS® and Netspend® improve lives and businesses around the globe through payments. We make it possible for millions of people to move money between buyers and sellers using our payments solutions including credit, debit, prepaid and merchant services. We are "People-Centered Payments", and our team has the unique opportunity to help create a world in which payments make people's lives easier and better. This is both a tremendous honor and an important responsibility for those who accept the challenge. If you are looking to make a valuable difference for people everywhere — and for yourself — we may have the right place for you.

Summary of This Role

You will be joining a team that provides SIEM support to a 24/7 Threat Management Center/Security Operations Center that protects a global payment processor from malicious cyber actors. We're looking for a Python or JavaScript developer who loves to create powerful applications that help analysts extract threat indicators from the volumes of data available to them, while also helping to execute routine functions in an automated fashion. Certification in the Splunk SIEM tool is a must. Any new-hire will provide day-to-day automation support for the Information Security Division – writing custom code and scripts to increase productivity and improve security situational awareness for the whole team. Your will also analyze various security data sources (firewalls, Intrusion Prevention, endpoint security, etc.) to optimize their log ingestion to Splunk. Experience with implementing Security Automation and Orchestration (SAO) tools such as Demisto, Phantom, or Swimlane are a major plus. Proficiency in creating REGEX code is also a plus.

Evaluates, tests, recommends, develops, coordinates, monitors, and maintains information security policies, procedures and systems, including hardware, firmware and software . Ensures that IS security architecture/designs, plans, controls, processes, standards, policies and procedures are aligned with IS standards and overall IS security . Identifies security risks and exposures, determines the causes of security violations and suggests procedures to halt future incidents. Investigates and resolves security incidents and recommends enhancements to improve security. Develops techniques and procedures for conducting IS security risk assessments and compliance audits, the evaluation and testing of hardware, firmware and software for possible impact on system security, and the investigation and resolution of security incidents.

What Part Will You Play?

* Gains and maintains knowledge of how to monitor complex systems and response to known and emerging threats against the TSYS network via intrusion detection software

* Assists in detailed, comprehensive investigation of security issues by reviewing security log data, interpreting data in support of security event management process from various data feeds and triages on a wide variety of security events.

* Under close supervision performs incident handling process by gaining knowledge in implementation of containment, protection and remediation activities.

* Gains and maintains knowledge of new and emerging threats that can affect the organization's information assets by assisting in analysis of third party software/solutions, IT configuration changes (including access control requests), and network/system architecture from risk perspective

* Under close supervision designs and configures security systems, including proxy, remote access, mail gateway, intrusion prevention, wireless networking, data leak prevention, security information and event management and web application firewalls.

* Assists in assessing and disseminating threats related to the enterprise in regard to current vulnerability by managing and developing an emerging threat model.

* Develops an understanding of how to assess risks based on changes to implementation of ISO(International Organization for Standardization)/BSO(Business Services Online); gains knowledge of PCI(Payment Card Industry)/Logical Security guidelines and models, HIPPA(health insurance portability and accountability act), PII(Personally Identifiable Information), and Card personalization.

* Gains knowledge of how to create cost effective solutions for system/application development regarding Information Security processes and concepts in applicable systems and software.

* Works under close supervision to perform day-to-day Information Security functions pertaining to numerous security software products and processes.

What Are We Looking For in This Role?

Ability to write utility code/scripts to improve existing functions and workflows or create new workflows that automate repetitive functions. Must be certified as a Splunk Power user or higher. Familiarity with Information Security Case Management processes and tools (Resilient Case Management or similar) are preferred skills. Experience with implementing Security Automation and Orchestration (SAO) tools such as Demisto, Phantom, or Swimlane are a major plus. Proficiency in creating REGEX code is also a plus. The ideal candidate will be comfortable building python-based web APIs while also being able to extract information from a corporate-level SIEM tool that processes 1TB+ daily

Minimum Qualifications

* Bachelor's Degree Preferred, Industry experience in software development and or SIEM development

* Relevant Experience or Degree in: Bachelor's degree in Computer Science, Info Security, or related field. Or relevant work experience in a related field.

* Typically No Relevant Experience Required

Preferred Qualifications

* Typically Minimum 2 Years Relevant Exp

* Including network operations or engineering or system administration on Unix, Linux, MAC(Message Authentication Code), or Windows; common security operations, intrusion detection systems, Security Incident Even Management systems, and anti-virus collection logs; including knowledge of industry standard security compliance programs PCI(Payment Card Industry), SOX(Sarbanes-Oxley) , GLBA(Gramm Leach Bliley Act), etc.))

What Are Our Desired Skills and Capabilities?

* Skills / Knowledge - Learns to use professional concepts. Applies company policies and procedures to resolve routine issues.

* Job Complexity - Works on problems of limited scope. Follows standard practices and procedures in analyzing situations or data from which answers can be readily obtained. Builds stable working relationships internally.

* Supervision - Normally receives detailed instructions on all work.

* Risk Assessment - Ability to identify, communicate, and mitigate risk within technical solution designs

* Industry Knowledge - Continued self-education of new and emerging threats and relevant processes, controls, or technologies to mitigate them.

* Incident Response - Knowledge and skills to contribute to all phases of Incident Response.

Not Ready to Apply? Join Our Talent Community!!

US Applicants:

TSYS is an equal opportunity employer (EOE) committed to employing a diverse workforce and sustaining an inclusive culture. For more information about your rights, click here.

Qualified individuals with disabilities may be entitled to reasonable accommodations to assist in their pursuit of employment with TSYS. This includes assistance in completing the job application (online or otherwise) and reasonable accommodations during the hiring process. For assistance with reasonable accommodations needed to apply for a job, please contact the TSYS Pay and Benefits Center between 8 a.m. and 7 p.m. Eastern Monday-Friday at +1.706.644.8747 or +1.877.644.8747 or email at


Outside of US Applicants:

TSYS is committed to diversity and equal opportunities for everyone. We are committed to ensuring that all job applicants and team members are treated equally, without discrimination because of gender, sexual orientation, marital or civil partner status, gender reassignment, race, colour, nationality, ethnic or national origin, religion or belief, disability, age or any other characteristic prohibited by law. For more information, please refer to our Code of Business Conduct and Ethics, found here.