XERO, Inc. seeks a Security Operations Analyst in Denver, CO.
Duties:
Triage alerts received from the external SIEM and other sources. Allocate remediation activities to appropriate Xero teams, track and escalate remediation activities to ensure timely resolution.
Investigate and analyze customer security concerns and incidents, actual or suspected. Work with CX and Legal teams to provide appropriate responses to customers.
Investigate internal security incidents, actual or suspected, to contain and understand the extent of any impact. Invoke and manage the Security Incident Response Plan if necessary. Perform root cause analysis and recommend security improvements to prevent recurrence.
Document standards defining requirements to meet operational security needs. Work with the other security teams to ensure these operational security standards are communicated and met across Xero.
Help to define requirements to automate and continuously improve the efficiency of threat detection, alerting and response.
Make full use of security tools to continuously improve the detection, prevention and analysis of security incidents.
Keep informed as to emerging security threats that have the potential to impact Xero and implement/recommend mitigating strategies.
Utilize available threat intelligence sources to inform and improve attack detection techniques.
Help to develop and maintain security operations playbooks and runbooks in support of the Security Incident Response Plan.
Support other Security Operations Analysts in developing skills relevant to their discipline, and help them become the best versions of themselves.
Assist the team with various tasks including recruitment, training and development.
Works within the technology and financial technology (Fintech) industries, where the primary function is to protect the security and integrity of Xero's global platform and its customer data.
Works extensively with multiple Security Information and Event Management (SIEM) platforms, including SumoLogic, Splunk, and IBM QRadar to develop real-time detection rules from threat intelligence to identify and investigate malicious activity within Xero's systems.
Analyzes logs from AWS services such as CloudTrail and GuardDuty, investigates security events involving EC2 or S3, and helps ensure the secure configuration of Xero's cloud infrastructure, using tooling such as Security Orchestration, Automation, and Response (SOAR) platforms.
Requires 2 years of experience in an analyst/investigation or related role.
Requires 2 years of experience in Security Investigation, Analysis and Problem Solving.
Requires 2 years of experience in Monitoring using SOC Technology (including at least one SIEM or SOAR tool).
Requires 1 year of experience in Incident Management.
Requires 1 year of experience in navigating Cloud platform environments, including working with AWS or another cloud platform.
Requires some experience in Threat Intelligence, including security fundamentals (security threats and common attack methods).
Telecommuting permitted.
40 hours/week, Wage Range: $98,000-$137,000 per year. Must also have authority to work permanently in the U.S. Applicants who are interested in this position may apply at https://www.jobpostingtoday.com/ Ref # 44986.