The person filling the Cybersecurity Operations Center Analyst role will join 3M’s Information Security, Risk and Compliance organization as part of a team focused on the ongoing development and operations of 3M’s Cybersecurity Operations Center.
You will help support day-to-day operations, monitor and respond to security threats and risks, provide in-depth incident evaluation and analysis, and provide proactive threat hunting and intelligence research.
This position will be operating in our Security Operations Center; some weekend and after hours work will be required.
Primary Responsibilities include but are not limited to the following :
Cyber event and incident analysis, correlation, handling, and response activity
Orchestrate the response, communication, and remediation of Cyber incidents
Correlate cyber events, known threat intelligence, and suspected vulnerability points applicable to 3M’s network and systems
Provide intermediate expertise regarding the analysis of logs associated with security technologies, including Intrusion Detection and Prevention Systems, Firewalls and Log Analysis, SIEM, Network Behavior Analysis Tools, Antivirus, Network Packet Analyzers, malware analysis and forensic tools
Evaluate malware to identify intelligence related to threats targeting 3M’s network
Analyze threat intelligence sources and correlate to applicable threats to 3M’s business operations
Conduct research on emerging security threats and intelligence and communicate to the SOC team
Maintain situational awareness reports for advanced threats such as advanced persistent threats
Basic Qualifications :
Bachelor’s Degree in MIS, Computer Science, or related field from a recognized college or university or equivalent work experience
3-4 years of security experience with at least 6 years total IT background
IT Security Operations Center environment experience with security monitoring experience
Fluent in speaking and writing English
Preferred Qualifications :
Experience with SIEM administration
Experience with administration of network security appliances
Ability to identify and assess reasonably foreseeable internal and external risks to the security, confidentiality and availability of information and systems using a documented approved process
Strong problem solving, analytical, technical and troubleshooting skills
Ability to interact with vendors, clients and internal teams in a professional and articulate way via spoken or written word
Experience performing Linux and Windows server administration
Experience working with scripting languages such as Python or PowerShell
Experience working with RESTful APIs