We are searching for an Cyber Security Analyst to join our growing Intelligent Security Operations Center. The candidate should be familiar with handling cybersecurity events and incidents. The candidate should have experience in, network security, endpoint security, cloud, database, traffic analysis, use case development, and documentation. This position will be located in our Scottsdale, AZ office.
- Serve as a technical point contact for enterprise NSM (Network Security Monitoring)
- Assists in the ongoing development and improvement of McKesson's global NSM.
- Enhance current processes and procedures to improve enterprise iSOC service delivery.
- Perform quality review of tickets for documentation compliance, accuracy and consistency
- Designs internal processes and workflows
- Identifies automation opportunities
- Maintain and enforce adherence to corporate and iSOC standards, processes and procedures
- Participate in the global on – call schedule.
- Mentors Junior analysts and conducts regular lunch and learns with analysts.
- Works inbound security events | incidents and develops SIEM use cases
- Conducts regular review of coverage zones and makes recommendations on alerting priority and strategy.
- Collaborates with L3 analysts and service line owners to ensure SOC tools are available and in good hygiene.
- Reviews and modifies security monitoring toolsets to ensure high fidelity alerting
- Participation in global on-call schedule
- 3 years relevant experience in cyber security
- 1+ years experience in Security Operations or Incident Response
- Excellent problem-solving and technical skills
- Experience with ticketing and case management solutions
- Experience in cyber security incident response
- Proficiency investigating security events and incidents from the point of discovery to remediation
Additional Knowledge & Skills
- Experience with next generation security tools
- Experience analyzing logs in a SIEM
- Relevant security certifications (GCIH, CISA, GIAC, GMON, OSCP, GCFA)
- Significant experience in one or more monitoring zones ( endpoint, network, application, web, cloud, database)
- SAFe | Agile experience a plus
- Cloud networking experiencing a plus (GCP | Azure)
- Technical writing
4-year degree in computer science or related field or equivalent experience