Information Security Analyst III

• Determine impact of potential intrusions on the GP’s network and infrastructure
• Conduct cyber intelligence analysis, coordination, and interaction across the GP networks and infrastructure components
• Conduct advanced incident response actions for security incidents as directed by the SOC Manager
• Conduct detailed security event analysis from network traffic attributes and host-based attributes (memory analysis, binary analysis, etc.) to identify information security incidents
• Capable of hunting for threats based on threat intelligence and limited direction
• Collaborate with Security Advisory to propose additional components and techniques that could be used to proactively detect and prevent malicious activity
• Recommend configuration changes to Security Engineering to improve the performance, usability, and value of cyber analysis tools
• Collaborate with others in the Information Security department to develop and implement innovative strategies for monitoring and preventing attackers
• Assist subsidiaries in reducing their threat footprint by suggesting network and host-level controls that limit an attacker’s access and alert upon a security event
• Conduct reviews of SOC security event activities to identify trends that point to potential efficiency gains and potential gaps in services
• Provide guidance and collaborate with Security Engineers on tuning security tools to reduce false positives
• Provide feedback on security control capability gaps based on security intrusion trends
• Develop and maintain analytical procedures to improve security incident identification efficiency
• Develop strong working relationships with counterparts within IS and BTS
• Mentor junior team members to improve skills and awareness
• Familiarity and experience with basic digital forensic concepts such as chain of custody, evidence handling, and system imaging
• Interact with entities across GP to understand information criticality and use cases for detection of threats targeting such data
• Develop and maintain standard operating procedures to reflect day-to-day security operations
• Create innovative in-house control capabilities to assist in the automation of existing security operations functions

REQUIRED SKILLS:

  • Bachelor’s degree is required or 5+ years of experience
  • Extensive experience working with SIEM, Log Aggregators, Incident Response Management solutions
  • Strong technical knowledge of Networking, Operating Systems and enterprise integrations
  • WAF, IDS/IPS, DDoS
  • Experience managing standards, developing Security Operations processes, reporting, dashboards and other associated KPIs
  • Excellent communication, collaboration, relationship management and leadership
  • Self-directed and able to perform tasks without supervision

We are an EOE F/M/D/V.

Global Payments, Inc. provides equal employment opportunities to all employees and applicants for employment without regard to race, color, creed, religion, sex, national origin, age, citizenship, disability, veteran status or any other protected status. Those applicants requiring reasonable accommodation to the application and/or interview process should notify a representative of the Human Resources Department.

Disclaimer: The above statements are intended to describe the general nature and level of work being performed. They are not intended to be an exhaustive list of responsibilities, duties and skills required.