About the role
In this role, you will perform initial triage, investigation and escalations as part of the Computer Security Incident Response Team (CSIRT). You will be the initial point of contact for investigation and remediation. You will process vulnerability and threat data from a variety of sources to provide actionable intelligence to internal and external customers, implement countermeasures, and maintain and enhance the defenses for our information systems and resources. The Security Log Analyst makes it possible for the organization to defend its assets with clear vision and situational awareness in a persistent, dynamic, and highly complex threat environment.
You value open collaboration, have a strong desire to learn, and are excited to pick up new skills and technologies. You like to share your knowledge with others and are willing to ask for help in return. You should be a highly motivated self-starter with attention to detail.
- Monitor IT Security Tools to protect infrastructure and communicate security events and incidents to applicable Computer Security Incident Response Team personnel and/or management and recommend security actions per procedures where required.
- Perform investigations on mixed Mac, Linux, Ubuntu and Microsoft Windows environments, including network devices, databases, web services, and enterprise applications.
- Coordinate with infrastructure support teams to maintain/troubleshoot security tools and monitoring integrity.
- Escalate potential cybersecurity events to senior team members for review.
- Search through network, system, and log data to find and identify undetected threats.
- Stay current on IT security trends and news.
- Tune security measures and operate software to protect systems, information infrastructure, and firewalls.
- Support cybersecurity investigation requests.
- Other duties to support the Cybersecurity Program as assigned.
- Recent completion of a Cyber Security program, Computer Science Degree, Information Security Degree or other related certifications in the Information Security field.
- Understanding of firewalls, proxies, SIEM, antivirus, packet capture solutions, and intrusion detection systems.
- Familiarity with network protocols (DNS, DHCP, SMTP, HTTP)
- 1-2 years of combined IT and security work experience with a broad range of exposure to systems analysis, application development, networking, database design and system
- Familiarity with AWS
- Proven ability to work independently
- Excellent written and communication skills
OneLogin, the leader in Unified Access Management, connects people with technology through a simple and secure login, empowering organizations to access the world™. The OneLogin Unified Access Management (UAM) platform is the key to unlocking the apps, devices, and data that drive productivity and facilitate collaboration. OneLogin serves businesses and partners across a multitude of industries, with over 2,500 customers worldwide. We are headquartered in San Francisco, California. For more information, visit www.onelogin.com, Blog, Facebook, Twitter, or LinkedIn.
- Security first - We make it our #1 priority to protect data and privacy. From the way we work to the technology we provide, security is top of mind
- Customer focused - We design for, listen to and partner with customers to come up with smart solutions that drive business value
- Collaborative - We take bold steps and work together to thrive across boundaries. We drive productivity as we grow as one team
- Accountable - We get things done and take ownership in our work. We showcase consistent quality and pride to perform at the highest levels
- Creative - We embody creativity in everything we do. We embrace a diversity of ideas. We execute with ingenuity, flexibility, and agility