Senior Security Operations Analyst
Blackberry Limited
 Washington, DC

Worker Sub-Type:

Regular

Job Description:

Summary:

The BlackBerry U.S. Cyber Security Operations Services (CSOS) team performs security continuous monitoring and response, hunting for threats, delivering technical implementation and support of security tooling and applications supporting BlackBerry products in FedRAMP cloud environments. FedRAMP requires that cloud solution providers continuously monitor their FedRAMP environments, meet stringent reporting requirements for all incidents, rapidly address known security weaknesses documented in Plan of Action and Milestones (POAM), identify and document new and evolving risks, and provide Federal customers with quarterly reports and annual assessments.

As a Security Operations Analyst II, you will work with the CSOS team to evaluate the security posture of the FedRAMP environments, analyze event data collected by CSOS security tools, and generate specific recommendations with respect to suspected threats and how to mitigate them. The Analyst II will be a key member of the CSOS team. You will generate specific recommendations on system, security tool, and process changes that will enhance the overall security of the FedRAMP environments being monitored.

Responsibilities Include:

  • Ensures the integrity and quality of our incident detection and containment processes and assist in the execution of these processes as required. These processes support the handling of malicious activity, including network security incidents, malware, unauthorized access, security policy violations, intellectual property leaks, and responsible disclosures.
  • Work with internal stakeholders to integrate various log sources in to the SIEM, including building custom data sources as required.
  • Identify and implement opportunities to improve existing SIEM process, procedures, reporting and tasks.
  • Analyze server and network logs to detect violations of security controls, and collect data required for forensic analysis.
  • Identifies and analyzes trends in security risks, vulnerabilities and threats to networks, systems and applications.
  • Develops use cases and supports the continuous improvement of the monitoring and detection capabilities.
  • Provide 2nd/3rd level problem solving expertise to resolve complex issues and identify root cause
  • Build and maintain partnerships across the CSOS team, Compliance team, subscribing Federal customer cyber security offices, and the BlackBerry Global security team.
  • Assist in monitoring security alerts for potential events/incidents as well as trending and historical analysis and ensuring all incident reports are complete and written within standard operations. Conduct research to maintain and expand knowledge on the latest cybersecurity technologies and standards, as well as the threat landscape.
  • Design and develop innovative methods of automating and integrating with multiple technologies.
  • Plan and implement security measures to protect networks, systems and data.

We are looking for individuals with the following skills & qualifications:

  • The ideal candidate will have 5+ years of experience as a Security Analyst or Security Operations Specialist
  • College degree in Computer Information Systems or Computer Science
  • Practical experience and extensive knowledge of HPE ArcSight, including developing queries, filters, data models, and dashboards is required
  • Knowledge of Network principles and protocols, security practices, and essential security technologies (AV, FIM, HIPS, NIPS, SIEM, WAF/DAM, DLP, IDS/IPS).
  • Experience with vulnerability management to include use of tools such as Nessus, DBProtect, AppScan, etc.
  • Experience managing Linux/UNIX and Windows based devices at the System Administrator level, Understanding of systems administration, intrusion detection and vulnerability analysis.
  • Experience with methods for ethical security hacking/penetration testing. Familiar with the tools and techniques used by ethical hackers including vulnerability scanners and network mapping tools.
  • Excellent communication skills to be able to work with individuals at all levels of the organization and with third party vendors.
  • Experience with security testing tools, development of threat assessments and security testing methodologies would be an asset
  • Detail oriented with strong analytical and organizational skills.
  • Excellent communication skills to be able to work with individuals at all levels of the organization and with third party vendors.
  • Some experience as a front line security analyst or similar security role.
  • Security certifications such as RHCSA, RHCE, CEH, GCIH, GCIA and SIEM certifications are a strong asset.
  • Understanding of FedRAMP controls and Federal agency security requirements and processes, and Knowledge of Nessus LCE considered a plus.

Job Family Group Name:

Information Technology

Scheduled Weekly Hours:

40