The Senior Security Analyst delivers highly technical analytical capabilities essential to Security Operations and Incident Response. The skills include the leveraging various technologies to detect, contain and eradicate malware and unauthorized access to Tesoro business productivity systems and information. The position requires the analyst to collaborate cross-functionally throughout IT, managed security services providers, and contractors to meet the commitments of this role.
- Protect and control access to data, systems, and networks.
- Detect unwanted attempts at accessing, manipulating, and/or disabling of information systems using a variety of tools, techniques, and methodologies to defend against system and network intrusions.
- Implement and administer technologies such as: IDS & IPS, Web Proxies, DLP, SIEM, A/V, Advance Threat Detection, Threat Intel, and Firewalls.
- Resolve or escalate security incidents and service requests in line with established service level targets and assume ownership of, and provide; monitoring, tracking and communication of security incidents and requests.
- Interpret network traffic and system events to identify threats and/or rule out anomalous activity.
- Support all phases of the Incident Response Life Cycle: Preparation, Detection & Analysis, Containment Eradication & Recovery, and Post-Incident
- Identify indicators of compromise and design detection/blocking profiles in IDS/ IPS, firewalls, web proxies and advance threat detection platforms.
- Provides technical support for forensics services to include evidence seizure, computer forensic analysis and recovery, in support of computer investigations.