Security Senior Analyst Job Description
Security Senior Analyst Duties & Responsibilities
To write an effective security senior analyst job description, begin by listing detailed duties, responsibilities and expectations. We have included security senior analyst job description templates that you can modify and use.
Sample responsibilities for this position include:
Security Senior Analyst Qualifications
Qualifications for a job description may include education, certification, and experience.
Licensing or Certifications for Security Senior Analyst
List any licenses or certifications required by the position: CISSP, ITIL, CEH, GIAC, GSEC, SANS, GCIH, SEC504, GCED, SEC501
Education for Security Senior Analyst
Typically a job would require a certain level of education.
Employers hiring for the security senior analyst job most commonly prefer that candidates have a relevant degree, such as a Bachelor's or University Degree in Computer Science, Technical, Engineering, Information Security, Education, Technology, Information Technology, Information Systems, Management, Business.
Skills for Security Senior Analyst
Desired skills for security senior analyst include:
Desired experience for security senior analyst includes:
Security Senior Analyst Examples
Security Senior Analyst Job Description
- Engages with the business to facilitate its understanding and management of Information Risk incidents related to its own business activities
- Advanced event detection, correlation, and triage
- Advanced analysis of the results of the complex monitoring solutions
- Passes escalated output from the Junior level Analysts
- Reviews information systems using automated monitoring tools for actual or potential breaches or non-compliances
- Ensures that all identified events are promptly and thoroughly investigated
- Ensures that security records are accurate and complete
- Investigates complex or highly sensitive violations referred by more junior Analysts, handling issues efficiently and professionally
- Investigate reported vulnerabilities, provide information about defect types, steps to recreate, exploitation likelihood, impact, risk
- Evangelize policy, standards and technical guidance to the rest of the organization
- Business Continuity designations preferred (ABCP or CBCP)
- Specialist security research and analytical capabilities
- Two-year technical degree, equivalent work experience, Bachelor's degree from a four-year college or university preferred
- A minimum of four years’ experience in a technical support role or job related experience, supporting security related technology in a diverse technology environment
- Experience with a System Information and Event Management (SIEM) or other scalable log management solution, including the configuration and tuning of the system
- Experience with vulnerability scanning and reporting (e.g., Nessus, SAINT)
Security Senior Analyst Job Description
- Support the information security consultancy function by analyzing projects for security risks and impacts, documenting and communicating requirements and recommendations, and monitoring compliance through the development lifecycle
- Review project requests, assess for information security risks, report findings, and monitor for remediation
- Analyze systems and networks for a clear written determination of compliance, residual risk, and potential vulnerability mitigation strategies
- Support the development of information security standards and best practices
- Develop, maintain, and publish security advisory program metrics
- Assist the development of security tool requirements, trials, and evaluations, security operations procedures and processes
- Manage all aspects of security of a multisite network
- Be a subject matter expert on cyber security
- Perform continuous risk assessments and vulnerability remediation
- Assess security postures of SaaS products and third-party vendors
- Work with development teams to implement static & dynamic code scanning
- Work with development teams to implement security checkpoints into the SDLC
- Define Secure coding standards
- Perform application source code analysis to track and work with development to remediate vulnerabilities
- Manage web application penetration testing
- Provide analysis and guidance regarding threats, vulnerabilities, and privacy and security incidents
Security Senior Analyst Job Description
- First responder to security event escalations via email, phone, ticket and chat
- Detect, escalate, and assist in remediation of critical information security incidents
- Document and communicate findings with customers in a detailed, professional and timely manner
- Improve and challenge existing standard operating procedures in a very agile and fast-paced information security environment
- Identify and design information security use cases to address new and existing cyber threats
- Evaluate and enhance existing SIEM rules, alerts and use cases
- Develop new SIEM rules, alerts, dashboards and reports
- Maintain knowledge of SIE information security policies and goals
- Keeps current on the cyber security threat landscape and trends
- Continually create new knowledge base articles
- Must be familiar with both Windows OS and Red Hat Linux for troubleshooting and installation
- Conceptual knowledge of different areas of computer security (network, application, cryptography, forensics, incident response)
- Basic understanding of computer networks (VLAN, IP addressing, security zones of trust)
- Understanding of common security attacks (DNS cache poisoning, ARP spoofing, DDoS, XSS, CSRF, SQL Injection)
- Firewalls (Cisco PIX, ASA, NetScreen, CheckPoint, Nokia, Palo Alto, Juniper)
- Intrusion Detection (IDS) and Intrusion Prevention (IPS) systems
Security Senior Analyst Job Description
- Interface with groups and individuals to resolve security issues related to implementation of network and security products
- Efficiently manage multiple simultaneous tasks across new projects and existing systems, including management of on-call
- Serve as a Subject Matter Expert on advances in emerging technologies and potential applications to American’s security teams
- Identify security process improvements based on reports, data analysis and airport study results to drive security process efficiencies and operational performance improvements
- Present findings and translate the information into an understandable document
- Analyze the numbers, trends and data to come to conclusions based on the findings
- Work closely with Customer Planning, Purchasing, vendors and regulatory agencies to determine needs and implement projects
- Create and communicate timely reports and assist in maintaining project timelines and trackers
- Perform investigations on a wide variety of events from various sources to determine whether they pose a threat to Atlassian
- Solid foundation of general IT knowledge and experience
- Displays a solid knowledge/understanding of networking principles such as routing, protocols, network applications
- 5+ Years of experience with standard information security technologies (IPS/IDS, WAF, DAM, SIEM, AV, EDR)
- Knowledge of network security architectures, standards, tools and methodologies
- Knowledge of TCP/IP, network packet analysis
- Knowledge of security considerations around virtualization and cloud applications
- Ability to communicate technical security requirements to technical and non-technical personnel
Security Senior Analyst Job Description
- Work on projects to improve the value of security monitoring for clients
- Contact person for technical and operational topics
- Contact person for Security incident management and change management inquiries
- Provide an overview of Incident Analysis
- Assist customer security staff with incident management, security strategy, and publication of security intelligence
- Communicate the final disposition related to Security Incident root cause analysis
- Develops and presents management and executive reports/presentations (in partnership with customer)
- Review assessment results, passive risk/event analysis, and monitoring reports before being published to customer
- Serve as a member of customer Security Analysis and GRC Team, while customer maintains direct leadership
- Partner with customer to refine security methodologies
- Familiarity with and practical application of common cybersecurity standards (e.g., ISO 27002, NIST CSF, NIST 800-53), laws and regulations related to information security and data confidentiality
- Firm understanding of NIST 800 series special publications
- Familiarity with NSA Community Gold Standard and Federal laws, regulations, guidance, and activities related to Cybersecurity
- Firm understanding of Governance, Risk, and Compliance (GRC) concepts, platforms, and tools
- Experience with Shared Service and Cloud security and compliance
- Experience using automated tools to capture and manage requirements and create enterprise architecture models, content, and visualizations (e.g., Rational Team Concert Configuration and Change Management Suite, IBM Rational System Architect XT)