security operations center soc jobs opportunities

Security Operations Development Analyst

Business Unit

The Security Operations team within Philips Information Security works diligently to provide reliable and secure services across the global enterprise. The team has a focus on system reliability and security through the continuous operation of secure solutions. The Security Operations Center (SOC) consists of a 24/7 incident response capability as well as a proactive hunting team for advanced threats, a threat intelligence team and dedicated security engineering and development staff.

Job description

The Security Operations Development Analyst’s primary objective is to ensure the availability and operational effectiveness of the entire Security Operations technical landscape as well as alignment with defined business risks. In addition, the analyst also has responsibility to:

- Monitor the performance of security tooling
- Maintain security tooling through appropriate patch management
- Ensure security tool capacity is managed and anticipated
- Administer user access to the security tooling
- Develop and implement automation throughout Security Operations
- Maintain the shared Knowledge Base/Security Operations Portal

The analyst works in a close teaming approach with other SOC analysts, and involves other Subject Matter Experts when necessary.

Following business and operational efficiency principles, proactive and performance-oriented activities are performed. This involves (analytical) activities to enable intelligence gathering and usage, the ability to engineer and implement engineering requirements, and the ability to perform in the triage processes (detect and respond).

Typical outputs from the Analyst function are:

- Integration and enhancement of the cyber threat intelligence
- Solution engineering, use case development and technical architecture
- Event triage and response
- Focused forensic investigations
- Delivery of performance indicators for the different SOC areas
- Support and escalation point for other functions

Your Challenge

The Security Operations Development Analyst is expected to be able to deliver value in the following areas of expertise:

Threat Intelligence:
- Discovers, analyzes and prioritizes new threat intel sources
- Integration of intelligence feeds into the operational processes

Engineering:
- Develops content, such as scripts, use cases for SIEM, queries for log management, connectors for security technology or automated data gathering for forensics
- Creation of overall situational awareness, combining outputs to be further used by the SOC

Detection & Response:
- Perform anomaly detection and malware hunting
- Manage security incidents to conclusion
- Perform forensic investigations

A snapshot of your responsibilities includes:

- Deliver value in Threat Intelligence: create situational awareness, integrate and fuse intelligence from different sources, proactively determine if new sources are available, improve the intelligence capability
- Execute solution engineering and technical architecture: integrate security technologies, maintain the security tooling, create and implement content, troubleshoot SOC tooling, create and optimize SOC workflows
- Perform advanced threat detection, malware and threat hunting, anomaly detection and security analytics
- Execute threat response: forensics, crisis management and creation of mitigation courses of action

Our Offer

At Philips, we are driven by our mission to improve the lives of 3 billion people per year by 2025, and every day we move closer to achieving our goal by creating cutting-edge solutions that lead to confident diagnosis, improved care, and increased quality of life for patients. Thanks to our employees who share our passion for improving lives, we are at the forefront of the Healthcare industry, leading in image guided interventions, ultrasound, patient monitoring, cardiology informatics, sleep therapy and respiratory care. Named one of the Top 50 Happiest Companies in America in 2013, we enable our employees to create a legacy in life through their work and support their development through people-centric learning, total rewards and personalized development planning programs.

We are looking for

The ideal candidate must have a passion for security and all things technical, with a good understanding of adversary motivation
North Andover
Sr. Security Operations Engineer

Primary Job Responsibilities:

StubHub (an eBay company) is looking for an experienced InfoSec Engineer to work with the SOC team to keep us safe as our business is expanding. It's an opportunity to have tremendous impact and broad scope protecting StubHub's data, and our millions of fans. The Security Operations Engineer will be responsible for monitoring globally all StubHub sites, identifying potential and current cyber threats and actively working to prevent or eliminate threats. This position is responsible for device and network forensics, log investigation, analyzing and maintaining service stability by creating and documenting troubleshooting instructions and best practices, utilizing best practices and providing recommendations to improve problem identification and response time in systems.

Job Requirements:

Responsibilities
- Configure and set up alerts on all the SOC security tools
- Set best security practices for partners and 3rd party integrations
- Lead threat modeling, mitigation discovery, and manual/automated verification of mitigations.
- Develop recommendations/plans to mitigate issues found during monitoring.
- Participate in incident response and forensics.
- Build tools and infrastructure for automating incident response.
- Triage internal security events, responding or escalating as needed.
- Monitor external information sources for new security developments & advisories.
- Respond to email security inquiries from internal stakeholders.
- Maintain StubHub’s vulnerability management infrastructure and track remediation measures.
- Perform security testing of networks and applications.
- Perform data access reviews and periodic recertification for critical systems.
- Participate in setting all required alerts to validate compliance with PCI & SOC
- Participate in external audits of StubHub’s security (pen testing, etc.).
- The global nature of StubHub’s business and the 24/7 nature of security threats will occasionally require out-of-business-hours work, ranging from monitoring/answering emails, investigating critical alerts or responding to incidents.

Qualities we are seeking
- A passionate, innovative, creative, motivated security generalist eager to participate in and continuously learn about multiple aspects of security.
- Ability to take a project and run with it – a strong work ethic, organizational skills, perseverance, and the ability to utilize research tools to solve problems – as well as the ability to recognize when it is time to ask for help in surmounting an obstacle.
- Strong written and oral communication skills and the ability to explain security concepts to people of varying levels of security sophistication.
- Strong organizational skills – the ability to prioritize and manage multiple work streams.
- Willingness to get one’s hands dirty and deal with some of the less glamorous aspects of security – processes, procedures, and App security.
San Francisco