What you will be doing:
In this role, you will use your knowledge of industry best practices, good judgement, and problem-solving skills to execute security operations and incident response. You will be on the front lines of cyber defense for one of the largest retail organizations in the US. You should be adept at making good decisions under pressure and be able to quickly adapt to any security challenge. You will have a keen attention to detail and be disciplined in documenting process and procedures. You will also be in a support role for requests coming into the team making sure departmental SLAs are met. The Security Operations / Incident Response team goal is operational excellence, continual process improvement and customer service.
Main responsibilities:
- Perform log analysis and correlate disparate datasets to identify abnormal behavior.
- Respond to security events, driving issues to closure, and engaging all appropriate resources.
- Document Security process and procedures.
- Support service request in-take process and communicate back to requestors promptly.
- Provide enforcement of security policies, standards, and procedures.
- Knowing the latest on security technologies, trends, standards, and best practices.
- Participate Incident Response activities.
- Detecting, and analyzing cybersecurity threats.
- Working with our MSSP, responding to internal and external cyber security events.
- Ensure quality service delivery to internal customers across current and future capabilities including SIEM, Triage/Investigate/Response, Phishing Email Analysis and Response, Threat Detection Development.
- Ensure service incidents are closed within SLA.
- Ensure service metrics (SLAs/KRIs/KPIs) are met.
- Interface with our Cyber Threat Intelligence (CTI) team on detection development and new / upcoming threats.
- Will be working on Data Loss Protection.
- Other duties and responsibilities as assigned.
- This position will be a part of Albertsons Companies 24/7 Security Operations Center and may involve shift work including day, evening, and weekend roles.
What we are searching for:
- Expert level knowledge and understanding of information technology systems and process.
- Experience with IT Service Management. Especially around the delivery of security services.
- Demonstrated and proven analytical, problem solving and troubleshooting skills.
- The ability to learn, understand and apply new concepts quickly.
- Experience writing detection rules, firewall rules, or any other similar detection capability.