.Granada, SpainWHO WE AREFinancialForce knows that each individual brings something special to the team, exemplifying a diverse and inclusive work environment.
We embrace your authenticity and encourage our employees to "Bring Yourself" to work every day!THE ROLEThe Analyst will be responsible for driving incident response and investigations as it relates to addressing potential incidents, cyber threats, and insider risk, and manage and prioritize threats and vulnerabilities identified for remediation.
You will partner closely with key stakeholders from IT, DevOps, and Human Resources to support investigations of potential incidents.WHAT YOU WILL DO IN THIS ROLEUsing investigative and forensic techniques, and the preparation and delivery of forensic action reports for management.Actively engages with MSSP provider as part of 'level 2' support to review alerts as escalated.
Manages Service Now tickets created by MSSP and updates with timely information as appropriate.Monitors DLP alerts in tandem with MSSP, and provides business context in order to qualify whether a DLP incident.Malware deployments and working with other teams to execute eradication procedures.Using PCAP for network traffic, ability to interpret packet header information and the ability to trace host & user network activity.Using company phishing platform, ability to analyze message headers and identify actionable indicators for remediation.Manage and maintain incident handling procedure, and conduct table tops as required to test incident response procedures.Performs investigations for high severity security vulnerabilities or threats.Collaborates with IT and Product Teams to identify, resolve, and mitigate vulnerabilities or threats.Assigns severity of vulnerabilities aligned with the FF Vulnerability Prioritization Framework.Provides guidance and documents response action plans or remediations for incidents based on incident type and severity.Assists with containment of threats and remediation of environment during or after an incident.Performs with forensics investigation, and/or works with 3rd party forensics response retainer.Documents and creates tickets to track remediations.Keep abreast of cyber security trends and the emerging threat landscape.Deliver timely reporting related to any vulnerabilities or threats including the findings, review and follow-up activities.WHAT YOU NEED TO BE SUCCESSFUL IN THIS ROLEIdeally 3 - 6 years of experience in Information Security, and 3+ years of practical experience in a Security Operations Center (SOC) environment and/or experience with security monitoring, event and anomaly analysis, and intrusion detection/prevention.Practical experience implementing security solutions including 'Splunk', intrusion detection systems, and/or data loss prevention solutions.Intermediate knowledge of Windows and Unix or Linux.Intermediate knowledge of Firewall technology.Intermediate knowledge of networking fundamentals (TCP/IP, Network Layers, etc.)