Information Security Analyst
The Information Security Analyst participates in the monitoring, identification, analysis, case management and response actions of an information infrastructure supporting the business needs of Delhaize America. The analyst monitors security sensors, application, and network data for potential information security events and information security incidents.
Principal Duties and Responsibilities:
- Rapidly assess security information, triage and respond to security events, identify false positives, conduct correlation analysis across numerous internal and external data sources, and identify information security incidents.
- Develop technical and process capabilities for operationalizing new and tuning existing security solutions to ensure that only actionable data are escalated as security events.
- Follow detailed operational processes and procedures to appropriately analyze, escalate, and assist in remediation of critical information security incidents.
- Manage, maintain and monitor multiple security technologies, such as IDS/IPS, syslog, file integrity, vulnerability scanners, and monitoring/correlation systems.
- Correlate and analyze events using Delhaize America’s Security Information and Event Management (SIEM) solution to detect IT security incidents.
- Proactively hunt for unidentified threats in the environment.
- May support network vulnerability scans, security audits, or risk assessments and provide feedback to ensure compliance with corporate security policies and adherence to industry best practices.
- Participate in intelligence sharing and trust groups, then apply this knowledge to security controls.
- Develop and maintain standard operating procedures to reflect day-to-day security operations.
- Create innovative in-house control capabilities to assist in the automation of existing security operations functions.
- Perform or coordinate penetration testing and web application security assessment activities.
- Assist with building correlation rules and patterns to automate monitoring capabilities.
- Provide technology consulting for integration activities with SIEM.
- Assist with the on-going maintenance of incident and event classification.
- Provide technical input on threat and vulnerability risks.