Forcepoint is transforming cybersecurity by focusing on what matters most: understanding people’s intent as they interact with critical data and intellectual property wherever it resides. Our uncompromising systems enable companies to empower employees with unobstructed access to confidential data while protecting intellectual property and simplifying compliance. Based in Austin, Texas, Forcepoint supports more than 20,000 organizations worldwide. For more about Forcepoint, visit www.Forcepoint.com and follow us on Twitter at @ForcepointSec.
The Security Analyst III is a member of the Security Operations Center (SOC) team who analyzes and responds to real-time alerts from Intrusion Detection/Prevention Sensors (IDPS), serves as the primary responder to security-related incidents, and works closely with our operations team to validate security controls.
- Analyze and respond to security incidents as required.
- Aid in the ongoing optimization of Security Information and Event Management software.
- Identify security risks, threats and vulnerabilities of the company’s network, systems, applications and new technology initiatives.
- Submit scheduled and customized reports to security leadership.
- Analyze firewall ACLs, IDS rules, and network device configuration and suggest best practices.
- Design, evaluate, and promote new security standards by standardizing operating procedures and streamlining security-related operations.
- Perform periodic security audits and various tasks to ensure regulatory compliance.
- Participate in rotational on-call duties in support of a 24x7 global production environment.
- Perform other duties and projects as assigned.
Education, Experience, and Skills
- A BS/MS degree in a technical field such as Computer Science with an emphasis on security, or equivalent experience.
- Professional security certifications (CISSP, CEH, GCIH, etc.).
- Prior experience with IDS/IPS systems such as Snort, SonicWall, TippingPoint, etc.
- Prior experience with SIEM software such as Splunk, QRadar, etc.
- Strong foundation in network security and common attack methodologies.
- Thorough understanding of common protocols such as HTTP, SMTP, SSL/TLS, SSH, DNS.
- Working knowledge of Linux, group policy management, and common security compliance initiatives.
- Working knowledge of scripting languages such as PowerShell, Python, or Perl.
- Experience performing incident response.
- Ability to find creative solutions to difficult problems.
Preferred Education, Experience, and Skills
- 5+ years of information security experience.
- 2+ years in an incident response role.
- 2+ years in vulnerability management.
- 2+ years in insider threat.