Sr Information Security Engineer (SOC Analyst, Incident Response) - Rubrik Job Board, Palo Alto, California, United States

Listing Description

Rubrik’s Security Operations Center (SOC) team is charged with the threat detection and incident response mission. This includes monitoring security alerts and related data across Rubrik’s corporate network, endpoints, cloud, and SaaS environments to rapidly detect and accurately identify signs of intrusion and other malicious activity; performing investigations to determine impact and root cause; and managing issues through the incident response lifecycle from beginning to end. As a Security Analyst, you will be responsible for threat detection and the subsequent investigations, with a focus on monitoring collected data and the related security tools, identifying activity that requires investigation, and responding to alerts to initiate investigation and IR processes. The role also includes maintaining an external threat perspective via threat intelligence sources to identify new threats, techniques, and tools that require a response. As first responders, Security Analysts also contribute to overall program maturity by providing feedback and ideas to refine and improve detection capabilities and response processes.


Desired Experience and Qualifications:



  • 5+ years of experience in a security operations role performing threat monitoring, investigation, and incident response work

  • Experience working with US Government agencies and programs

  • Practical experience applying the NIST framework and standards in an operations context

  • Experience analyzing data and alerts from email, network, endpoint, and infrastructure tools

  • A practical understanding of endpoint and network forensics concepts

  • Ability to describe the incident response lifecycle end-to-end and to apply it creatively to scenarios

  • Experience using the MITRE ATT&CK framework and cyber kill chain concept in an operations context

  • Experience with SIEM technology and with data correlation as a concept

  • Formal training / education in security monitoring and incident response concepts (SANS or Security+)

  • Experience and a practical working knowledge of cloud infrastructure (AWS, Azure, GCP); able to describe cloud architecture and common uses

  • A practical understanding of workflow automation


Other Requirements



  • US Citizenship


Preferences / Nice to Have:



  • Experience in a structured “SOC” practice at a large enterprise

  • Workflow tools: XSOAR, Jira, ServiceNow

  • Data analytics tools: Devo, Splunk, QRadar, ArcSight, SumoLogic

  • Security tools: firewalls, EDR, web proxy, antivirus and anti-malware, email security gateways

  • Cloud technologies: Azure, GCP, AWS




Listing Details

  • Citizenship: Not Provided
  • Incentives: Not Provided
  • Education: Not Provided
  • Travel: Not Provided
  • Telework: Not Provided

