Listing Description
Bungie is searching for an experienced Security Analyst and Security Systems Administrator. You will be administering the security stack, investigating anomalous signals, triaging incidents, and improving our detection & prevention capabilities. Bungie's IT Administration team is a small group whose day-to-day duties and challenges are varied, from supporting creative staff with high-end applications to securing systems, network and technical infrastructure. Ideally, you have strong troubleshooting skills, a team-oriented attitude, exceptional customer service skills, and an interest in expanding your technical breadth. As we often tread the cutting edge on new technology adoption, adaptability and a strong desire to research, investigate, and roll out new technologies are a must.
RESPONSIBILITIES
- Security Analysts are responsible for data management, analyzing events & alerts, identifying problems or areas of potential concern, and developing recommendations that support Cybersecurity & InfoSec initiatives
- Collaborate with cross-functional teams to collect and analyze data, present results, and provide recommendations
- Proactively research and identify network and system vulnerabilities, providing recommended countermeasures or mitigating controls to reduce risk to an acceptable and manageable level
- Review results of vulnerability reports to help determine the severity of findings and ensure timely remediation
- Assist with assessing and mitigating risk associated with the latest exploits, tactics, techniques, and procedures (TTP), vulnerability remediation, and Cloud security evaluations
- Assist with ongoing security research against various products and infrastructure, and apply that knowledge to security testing
- Ability to perform the necessary threat research on enterprise systems/tools/technologies and convert that information into tooling that can be utilized both defensively & offensively
- Strong analytical skills and attention to detail
- Strong written and verbal communication skills with the ability to interact with technical teams and key client stakeholders
- Convey technical security concepts to technical and non-technical audiences
- Assist with the establishment of necessary policies and controls to secure the environment
REQUIRED SKILLS
- Knowledge of Windows, Linux, Unix, or any other major operating systems
- Solid understanding of threat, vulnerability, and risk models
- Experience in administration and operational support of NGAV & EDR solutions
- Foundational understanding of information technology and information security practices, including the areas of application security, policy development, security related research, physical security, systems integrity, and disaster recovery
- Experience with endpoint and system configuration hardening based on compliance requirements and best practices
- Strong foundational knowledge of network-based protocols such as TCP/IP, HTTP, HTTPS, DNS
- Familiarity with investigating, documenting, and reporting security incidents
- Willingness to learn to evaluate security vulnerabilities, develop mitigation strategies, and implement remediation
- Understanding of OWASP Top 10, CVSS, common classes of product security vulnerabilities, and attack/defense methodologies
- Understanding of network security and popular attack vectors
- Desire to learn and grow in the identity and security space
NICE-TO-HAVE SKILLS
- Python and/or PowerShell scripting capability
- Understanding and experience with various Active Directory attack techniques
- Experience in securing Cloud platforms including AWS, GCP, and Azure, implementing and maintaining both native and 3rd party security services and tools across those environments
- Experience with network-based detective controls like IDS/IPS, NTA/NDA, and various SIEMs
Listing Details
- Citizenship: Not Provided
- Incentives: Not Provided
- Education: Not Provided
- Travel: Not Provided
- Telework: Not Provided