Listing Description

About Us

Diligent is the leading governance, risk, and compliance (GRC) SaaS company, serving 1 million users from over 25,000 organizations around the world. Our software enables holistic and informed conversations about GRC and ESG to ensure CEOs, CFOs and the board have an integrated view of audit, risk, information security, ethics, and compliance from across the organization.

Position Overview:
The Security Operations Analyst II role is a part of high impact security operations team focused on protecting Diligent personnel, sites, and assets worldwide. As part of the Security team, you will help to with the strategy, development and deployment of a comprehensive physical and logical cybersecurity operation programs. The position is responsible for oversight and operations on security event monitoring, incident response, user behavior analysis, vulnerability management, endpoint detection & response, threat hunting, in addition to maintaining the confidentiality and integrity of customer, employee, and business information in compliance with organization, industry, and regional policies and standards. 

Key Responsibilities:

• Monitor SIEM, EDR, Vulnerability Management tooling and other event sources to assess, prioritize, and escalate Cybersecurity alerts


• Perform Security Monitoring and Incident Response of Cybersecurity Events


• Conduct proactive analysis of SIEM logging, Vulnerability data, and EDR detections to drive security solutions


• Support of vulnerability management scanning and associated remediation plans and processes


• Build new SIEM use cases and alerts while optimizing/tuning existing detection thresholds
  
  
  
  • Ability to associate against and adopt published Cybersecurity Frameworks
  
  
  
  


• Manage on-prem SIEM integrations while monitoring existing connections for repair


• Dictate best practices for AWS security controls of VPC / Control Tower environments


• Monitor/Troubleshoot the health and performance of on-prem & cloud security systems


• Manage and asses emerging threats and vulnerabilities, zero-days; drive mitigation by working with various system owners


• Work cross-functionally with Support, Production, Development, and other system owning teams across Diligent to drive security solutions, mitigations, and improvements


• Establish and maintain working relationship with stakeholders cross-departmentally


• Adhere to processes and introduce improvements where applicable


• Produce documentation / policy for Management review as needed


• Produce security concern writeups and recommendations on mitigating cybersecurity events


• Provide on-call Security Operations support


• Promote security awareness throughout Diligent

Required Experience/Skills:

• Working experience in an Operationally-focused Cybersecurity environment
  
  
  
  • Especially on either a Security Incident Response (IR) Team, a Vulnerability Management (VM) Team, an Endpoint Detection and Response (EDR) Team, or a Security Operations Center (SOC)
  
  
  
  


• Hands on technical experience, knowledge, and understanding of environments typically associated with an Operationally-focused Cybersecurity
  
  
  
  • Understanding of on-prem and cloud based virtualized/containerized systems, server, and network technologies are a plus
  
  
  
  


• Technical expertise in general Cybersecurity tooling, like Vulnerability Management, SIEM/SOAR, EDR, DNS Filtering, etc.


• Troubleshooting of TCP/IP network, DNS, port connections, Linux OS / services, firewall ACLs, on-prem etc.


• Strong decision-making capabilities, with an ability to weigh the relative costs and benefits to choose an appropriate response or action


• Working experience with regulatory compliance and information security management frameworks
  
  
  
  • g., MITRE ATT&CK, ISO 27001, NIST Cybersecurity Framework, CIS Top 20 controls, etc.
  
  
  
  


• Strong depth of knowledge in business needs and commitment to delivering high-quality, prompt, and efficient service to the business


• Technical expertise with outbreak management, and the ability to differentiate activity of a bas actor Vs. directed attack patterns


• Bachelor's degree in Computer Science, Information Security, or related sciences preferred.


• 5+ years of information technology experience or the equivalent combination of education, technical training, or work experience.


• Must have strong interpersonal skills with the ability to interact with technical and non-technical customers, support, and business staff at all levels.


• Must be able to multi-task, work independently or with a team, and be able to transition quickly between issues with minimal supervision


• Working knowledge of Linux and Windows operating systems


• Experience with cloud services from a security perspective


• Experience in scripting (PowerShell or Python) and automation


• Security certifications e.g. GCIH, CISSP, CEH, Security+, etc.

FLSA Status - Exempt 

Salary Range: $60,000 = $102,000