Job Summary:
The Senior Analyst is a position within Bain's Cyber Security Department, whose mission is to safeguard the digital assets and integrity of the organization. In this role, the Analyst understands how security measures align with the overall organizational strategy and will begin to organize and lead in the development and implementation of security controls that adhere to regulatory requirements and best practices. The Sr. Analyst will monitor, analyze and respond to potential security incidents and threats, analyze their urgency and impact to Bain, implement necessary responsive measures to protect the organization's digital assets, data, and infrastructure. These measures may require taking a leadership position in coordinating activities across the team working with technical teams and Security leadership. The Senior Analyst Security Operations role has multiple disciplines these include Threat Intelligence, Vulnerability Management and Pro-Active Security Testing and Enhanced Security Operations. Team members may spend some a percentage or all of their time in these specific disciplines.
Principal Accountabilities and % of time:
Security Monitoring (20%)
Incident Detection & Analysis (60%)
Create and maintain security runbooks. Present changes to the team for review and implementation.Conduct in-depth log analysis, data correlation, and forensic investigations to identify root causes of incidents and improve security measures. Ensure that controls identified in security policies and practices adhere to industry standards and compliance requirements and oversee the validation of the controls.Collaborate with cross-functional teams and provide leadership and guidance to junior security analysts. Serve as a subject matter expert in security discussions and decision-making.Establish and maintain automation of alerts & response driving down MTTR and reducing overall risk.Enhanced Security Operations (10%)
Expertise and experience in Forensic Investigations and ToolingRed Team, Blue Team, Purple team exercise leadership experience.Professional Development and Innovation (10%)
Stay informed about emerging trends and technologies in cybersecurity.Work collaboratively with other security team members, IT departments, and relevant business units to address security concerns and enhance overall security posture.Explore Professional Certifications and work with leadership to plan trainings.Knowledge, Skills, and Abilities :
Security Monitoring & Incident Detection and Response
Strong knowledge of Splunk (or other SIEM tools),CrowdStrike, Windows Defender, Other AV/EDR tool configuration, Cyberhaven (or other DLP tools)Knowledge of Vulnerability & Attack Surface Management toolsets, Threat Intelligence and Analysis tools, Vendor technical Risk Scoring tools, Deception technologiesKnowledge of ticketing, triage and forensics capabilities and toolsets
General Skills
Experience:
Bachelor's degree in a related field (e.g., Computer Science, Cybersecurity, Information Technology) or an equivalent combination of education, training, and experienceExperience with Information Security technologies (Firewall, IPS, IDS, SIEM, EDR, CASB, AV, DLP, etc.)Experience with common information security controls frameworks (i.e. ISO, NIST, CIS, or CSA)4-6 Years of experience is same domainExperience deploying systems or applications Ability to work independently and with teams on complex problemsComplex problem solvingAbility to work in a fast paced, dynamic environment.Attention to detail and priority/time management.Strong customer service, analytic, communication (oral and written) and troubleshooting/problem solving skills.Experience with endpoint security control design having implemented controls such as EDR or AVExperience with automation of Information Security controlsExperience with automating tasks via scripting, Experience with common cloud security control frameworks, for example NIST CSF or CSA