Security Operations Analyst III
Ref No.: 18-69694
Location: San Jose, California
Position Type: Contract
Experience Level: 11 Years
Start Date: 09/21/2018
 
Responsibilities: 
• Manage day-to-day security operational tasks such as security event monitoring, log monitoring and security incident management, compliance monitoring, data loss prevention, and monitoring and responding to emerging threats ranging from endpoints to servers to public cloud systems.
• Act as primary support contact for security incidents, and provide direction to infrastructure and applications teams to initiate incident response. Liaise with internal and external parties to address security concerns. Perform root cause analysis so we can continuously improve our prevention, reaction, and remediation of incidents.
• Perform ongoing vulnerability assessments including vulnerability scanning and vulnerability exploit testing (penetration testing) with clear reporting, threat identification and action plans for remediation with prioritization. This will also include any assessments for changes that the security team has identified as requiring a vulnerability assessment prior to release.
• Support the IT leadership in obtaining quality data from the appropriate sources to publish security metrics on an ongoing basis.

User Administration – Tactical
• Act as the centralized user access administrator for the key, critical applications and infrastructure used at Matson to ensure proper segregation of duties. This will involve provisioning and terminating user access based on established access and termination controls.
• Assist with the development, implementation, and administration of security awareness training for the enterprise.
• Act as a key point of contact for SOC audits as related to user provisioning and terminations. Perform special projects as assigned.
 
Qualifications: 
• Bachelor's Degree in Computer Science (or equivalent degree) with 6+ years hands-on security experience. Security certifications a plus.
• Background in security operations, project management, or information security, with knowledge of Cloud security models and controls (AWS)
• 3+ years of experience in technical security positions, SOC experience preferred
• Strong experience with SIEM tools like Splunk or ELK and AWS Advanced Security tools Evident.io, RedLock or Secureworks.
• Strong security research and root cause analysis skills to identify and analyze potential security vulnerabilities
• Experience with compliance (PCI, HIPAA)
• Experience working with internal and external auditors on compliance initiatives
• Customer service experience/Strong customer focus to analyze customer reported security issues
• Experience with Identity and Access concepts and technologies to secure production and corporate access, such as: SSO, SAML Federated Identity, RBAC, authentication & authorization solutions, etc.
• Strong understanding of web vulnerabilities and weaknesses (cross-site scripting, cross-site request forgery, etc.)
• Ability to multi-task in a fast-paced environment

Technical Requirements/Competencies
• Self-organize: ability to plan, document, and execute complex tasks to a high-quality standard
• Working understanding of networking concepts and protocols (BGP, TCP/IP layers, DNS, SMTP, SSL, etc.)
• Experience managing vulnerability scanning tools (Qualys, Rapid7, Nessus, etc.)
• Technical knowledge in system and network security, authentication and security protocols, and application security
• Strong understanding of web technologies - protocols, programming techniques, browsers, etc.
• Intermediate Windows and Mac skills to assess endpoint incidents
• Superior communication skills, written using MS Office (PowerPoint, Word, Excel)