Sr. Cyber Security Analyst

Function: Technology
Location: Framingham, MA US
Date posted: 9/10/2019 12:06:58 PM
Type: Full-time
Permanent / Contract: Regular
Job number: 1099602
Description
Introduction
Staples is looking for a talented, experienced, and enthusiastic Senior Cyber Security Analyst to lead, manage and mentor Staples’ Security Operations Center and DFIR Team. The Sr. Cyber Security Analyst has responsibility for leading, mentoring and serving as an escalation point within Staples’ SOC. The Analyst will be responsible for assisting in escalated matters and will be involved with log collection, review/analysis, and response in a timely fashion. The Analyst will be required to fulfill a lead role and provide frequent SOC status, updates and communications to the Senior Manager of Threat & Vulnerability Management. The Analyst will also be expected to conduct digital forensics analysis and investigative tasks when necessary. The Analyst will help to understand gaps and challenges, and present opportunities for new development and improvements within the Security Operations Center.

Primary Responsibilities:
  • Lead, mentor, and serve as an escalation point for Security Analysts in Staples’ SOC & DFIR Team
  • Perform in-depth analysis and investigative efforts when events are escalated and determine next appropriate containment/remediation/eradication efforts
  • Responsible for driving execution of daily, weekly, and monthly metrics for statistical threats and KPIs
  • Brief Senior Manager of Threat & Vulnerability Management on key updates, status, challenges, concerns of Security Operations Center environment
  • Research & suggest opportunities for Security Orchestration & Automated Response (SOAR)
  • Prepare incident reports and findings for both technical and non-technical audiences
  • Assist with defining and updating incident response playbooks to ensure tasks align with best practice 
  • Guide the SOC team in the identification, investigation, response and remediation of security events and incidents

Skills:
  • Experience in Security Event analysis and triage, incident handling and root-cause identification 
  • Capable of leveraging a SIEM and various security related toolsets to conduct an investigation/analysis of a given security related event or incident
  • Monitor for nefarious or threat adversary activity on a regular basis
  • Understanding new features, technologies and advancements within Security Monitoring and Response
  • Mentoring of Security Analysts and Cyber Security team members
  • Work with teams external to Cyber Security to determine appropriate incident handling measures and steps for remediation
  • Apply various security related events and incidents to Cyber Kill Chain and MITRE ATT&CK Framework 
  • In-depth knowledge of privilege escalation, persistence and lateral movement techniques
  • Excellent verbal and written communication skills, comfortable with presenting complex concepts. Ability to prioritize, schedule and track to deadlines  
  • Highly motivated and self-directed
  • Comfortable directing the work of others
  • Ability to work both independently and as part of a small, distributed team.
  • Flexibility to work outside regularly scheduled/normal business hours as required.


Qualifications

Basic Requirements:

  • A Bachelor of Science degree in Computer Science, or related field
  • 7+ years of overall technical experience
  • 4+ years of Security Operations Center (SOC) experience


Preferred:

  • Experience with managing outsourced, inhouse and hybrid SOC units
  • Familiarity with SIEM, EPP, and Incident Management tools
  • Demonstrable experience with Event Detection tools
  • Demonstrable experience with IDS/IPS
  • Expert level knowledge of Network Security Monitoring techniques
  • Scripting Experience: BASH, PowerShell, Python, etc.
  • Understanding of relevant Security frameworks: PCI DSS, SOX, NIST 800
  • Knowledge of Scrum and Kanban
  • Technical professional security certification such as:
    • (ISC)² – CISSP, CCSP
    • SANS GIAC – GSEC, GCED, GCIH, etc.
    • Cloud – Azure/AWS/GCP



Staples is The Worklife Fulfillment Company, helping businesses of all sizes be more productive, connected and inspired. With dedicated account teams, category professionals, innovative brands and a curated product assortment for business, Staples provides customized solutions to help organizations achieve their goals. Interested in joining the team? Check out our perks and benefits!

Staples is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, age, sex, sexual orientation, gender identity, national origin, protected veteran status, disability, or any other basis protected by federal, state, or local law.
