Associate, Information Security (Security Monitoring)
The Associate, Information Security [Security Monitoring Analyst] designs, implements and monitors Financial/Accounting/Operational processes. The incumbent is responsible for detecting threats and vulnerabilities in target systems, networks, and applications by conducting systems, network and web vulnerability assessment / security testing. The security monitoring analyst role is a 24/7 on-call position. This role also works in scheduled shifts between the hours of 8:00 AM EST and 6:00 PM EST Monday through Friday.
- Monitor for and detect security events from SIEM, Log collection Engines and other security technologies, such as Splunk
- Perform investigations using various security monitoring technologies (e.g. IDS/IPS, DLP)
- Review alerts escalated by end users
- Perform initial triage of incoming issues (initially assessing the priority of the event, initial determination of event to determine risk and damage or appropriate routing of security or privacy data request)
- Monitoring of health alerts and downstream dependencies
- Provide limited response to end users for low complexity security events
- Review and take a proactive approach to false positives, and work with the various Security teams to tune alerts and provide feedback to improve their accuracy
- Document and investigate security events and the response, and notify the appropriate contact
- Takes an active part in the resolution of events, even after they are escalated
- Must participate in an on-call roster
- Must participate in a scheduled shift rotation, and be able to be in the office between the hours of 8:00 AM EST and 6:00 PM EST
Collaborate with technical teams for security incident remediation and communication
Conducts proof of concepts, vendor comparisons and recommend solutions in line with business requirements
Conducts security research on threats and remediation methods
Contributes to strategic planning to evaluate, deploy or update security technologies
Creates process improvement by identifying inefficiencies and solutions for process improvements
Follows a standard methodology to identify and/or detect threats to the IT infrastructure, applications and other information assets
Prepares system security reports by collecting, analyzing, and summarizing data and trends; presents reporting for management review
Promotes cross-department collaboration and communication to ensure appropriate processes, procedures and tools are installed, monitored, and effectively operating and alerting
Updates job knowledge by tracking and understanding emerging security practices and standards; participating in educational opportunities; reading professional publications; maintaining personal networks; participating in professional organizations
Bachelor's Degree in Computer Science or equivalent field, or equivalent work experience
5-9 years in field or similar industry
Experience in information security, governance, IT audit, or risk management
Ability to communicate concisely, effectively and directly to executive management
Ability to work cooperatively in a team environment
Advanced knowledge of Microsoft Office (Outlook, Word, Excel) and PowerPoint
Exceptional organizational skills and attention to detail
Experience planning, researching and developing security strategies, standards, and procedures
Knowledge of risk assessment tools, technologies, and methods
Proven ability to understand and analyze complex issues, then apply experience and judgment to develop sound recommendations especially as related to malware, eDiscovery, current threats/attacks and/or vulnerability management
Strong understanding of security, incident response and/or networking/PC concepts
Minimal physical effort such as sitting, standing, and walking.
Ability to demonstrate understanding of Security investigations process and procedures
Ability to demonstrate technical experience working with enterprise security technologies like SIEM, antivirus/malware, IDS, WAF, DDoS mitigation platforms.
General network knowledge, TCP/IP, Internet Routing, UNIX / LINUX & Windows NT
Understanding of common network services (web, mail, DNS, authentication)
General Desktop OS and Server OS knowledge
Demonstrate ability to work with an Incident Management Tool (RSA Archer, ServiceNow).
Demonstrate excellent communication and organizational skills.
Demonstrate experience in Windows/Unix scripting languages such as Bash, Python, regex and PowerShell.
Preferred Training, Qualifications, and Certifications
CEH: Certified Ethical Hacker
SEC401: Security Essentials
SEC511: Continuous Monitoring and Security Operations
GCIA: GIAC Certified Intrusion Analyst
GCIH: GIAC Certified Incident Handler
At Santander, we value and respect differences in our workforce and strive to increase the diversity of our teams. We actively encourage everyone to apply.
Primary Location: New Jersey-Holmdel-101 Crawfords Corner Road - 06368 - Bell Works
Job Posting: Dec 7, 2018, 8:51:05 PM
AN EQUAL OPPORTUNITY EMPLOYER M/F/Vet/Disabled/SO