• Security Operations Center Analyst IV

    Location US-OR-Portland
    Posted Date 2 months ago
    # Positions 1
    Status Full-Time
    Req # 17253
  • Overview

    The Standard:

    When you work at The Standard, you are part of a company that provides customers financial well-being and peace of mind. As a member of our GRC team, the information security analyst is chartered with analyzing, supporting, enhancing and operating information security programs. The position reports to the Director of Security Operations. At The Standard, we are large enough for big opportunities and small enough for big impact. 

    Responsibilities

    What We Are Looking For:

    We are looking for information security analysts with experience as a Cyber Hunter / Threat Intelligence / Ethical Hacker. Are you a hands-on technology practitioner ready to bring meaningful, strategic change in the sphere of information protection? Are you an effective communicator and a change agent? If this sounds like you, we may be a good fit.

    The ideal candidate will have at least seven years of deep technical experience with at least three years responding to and managing incidents. You will be able to read packet traces as if they were your native language based on your deep understanding of networking protocols, correlate events with or without a SIEM to assemble the bigger picture, and craft an efficient and effective response based on your breadth of knowledge of firewalls, group policy, and a variety of tools and technologies. You will have experience with design, implementation and monitoring of cloud infrastructure and identity management. You thirst for new technical knowledge and are often the first among your peers to investigate a product or service which looks like it may create new response opportunities. While you feel perfectly at home popping floor tiles in a data center, you’re also a terrific conversationalist and diplomat with a great sense of humor. This is a senior role which includes mentoring other team members for growth and process definition in addition to core work.

    • Actively seeks to uncover indicators of compromise for which monitoring capabilities do not yet exist by reading and interpreting logs and packet traces.
    • Intermediate to advanced understanding of network protocols and operating systems is required.
    • Collects and aggregates information from a wide variety of sources and formats it for relevance to our environment.
    • Creates hypotheses for analytics and testing of threat data and tests methodically to prove or disprove the hypothesis.
    • Shares lessons learned, initial indicators of detection, and opportunities for strengthening detection capabilities.
    • Maintains and enhances the documentation standard for discoveries and reporting of malicious tactics, techniques, and procedures.
    • Analyzes data from threat and vulnerability feeds for applicability to the organization.
    • Performs analysis of compensating controls and validates efficacy of existing controls.
    • Recommends security controls and/or corrective actions for mitigating technical and business risk.
    • Ensures compliance with all applicable configuration standards.

    Qualifications

    • 7+ years of combined IT Security experience with a focus on Cyber Hunting & Threat Intelligence.
    • Network and Platform Certifications Strongly Preferred (ACE, CCIE)
    • Security Certifications Preferred (ISSEP, GCIA, GCIH, & GPEN)
    • Understanding of network protocols and their analysis.
    • Experienced with Windows & Linux operating systems.
    • Experienced with event analysis leveraging SIEM tools.
    • Knowledge of malware operators and indicators.
    • Knowledge of current threat landscape (threat actors, APT, cyber-crime, etc.)
    • Knowledge of Firewall and Proxy technology.
    • Knowledge of penetration techniques.

    Nice to haves:

    • Knowledge of IDS/IPS systems
    • Basic experience with scripting, preferably in Python.
    • CIPP, Certified Intrusion Analyst, Certified Expert Penetration Tester

    Standard Insurance Company, The Standard Life Insurance Company of New York, Standard Retirement Services, Inc., StanCorp Equities, Inc. and StanCorp Investment Advisers, Inc., marketed as The Standard, are Affirmative Action/Equal Opportunity employers. All qualified applicants will receive consideration for employment without regard to race, religion, color, sex, national origin, gender, sexual orientation, age, disability, or veteran status or any other condition protected by federal, state or local law. The Standard offers a drug and alcohol free work environment where possession, manufacture, transfer, offer, use of or being impaired by an illegal substance while on Standard property, or in other cases which the company believes might affect operations, safety or reputation of the company is prohibited. The Standard requires a criminal background investigation, drug test, employment, education and licensing verification as a condition of employment. All employees of The Standard must be bondable.

     

    For more information regarding your Equal Employment Opportunity applicant rights, click here.

    Individuals with disabilities who need assistance or accommodation with the application process should contact HR Direct at 971-321-7871.  This number is only for the use of individuals with disabilities who need accommodation with the application process.  General inquiries about application status will not be addressed.
