Security Analyst shall be responsible for monitoring, assessing, and remediating cybersecurity events to secure and protect proprietary, personal, and privileged electronic data. Utilize cybersecurity tools to monitor and detect attacks and vulnerabilities in the network. Monitor SIEM alerts for evidence of compromise and report security incidents. Analyze/assess security incidents in the network to recommend solutions and best practices.
· Resource will function as a member of the Security Operation Center performing intrusion detection, prevention, and incident response.
· Must be able to operate as a member of a frontline team in security operation, monitoring and analyzing custom alerts and dashboards.
· Provides feedback in assessing new threat vectors and the effectiveness of controls.
· Leverages advanced investigative skills using best in class data correlation and network/packet analysis tools.
· Will partner with senior leaders from lines of business organizations to triage security events and report on impacting security incidents.
· A solid foundation in networking fundamentals, with a deep understanding of TCP/IP and other core protocols.
· 1 year to 5 Years of experience.
· Experience in enterprise intrusion analysis, SIEM and incident response.
· The ability to analyze logs from various security devices and web servers.
· Experience doing packet captures and interpreting them (e.g., tcpdump, Wireshark).
· Familiarity with network architecture and security infrastructure placement.
· Understanding of Windows and Unix operating systems, and command line tools.
· Knowledge of attack vectors, threat tactics, kill chain and attacker techniques is a plus.
· Experience with Cloud Incident Response is a plus (e.g., AWS, Azure)
· Interpersonal skills sufficient to work with both technical and non-technical personnel at various levels in the organization.
· Ability to elicit and communicate technical and non-technical information in a clear and concise manner.
· An open mind, willingness to be challenged and strong desire to learn
· Should be flexible to work during different shifts and possibly weekends
Good to have:
· Exposure to incident response of cloud-based and distributed infrastructures are a plus.
· Certifications from SANS, Offensive Security, ISC2 is a plus.
Guidewire is the platform P&C insurers trust to engage, innovate, and grow efficiently.
Guidewire combines core, data, digital, analytics, and AI to deliver our platform as a cloud service. More than 400 insurers, including the largest and most complex in the world, run on Guidewire.
As a partner to our customers, we continually evolve to enable their success. We are proud of our unparalleled implementation track record with 1000+ successful projects, supported by the largest R&D team and partner ecosystem in the industry. Our Marketplace provides hundreds of add-ons that accelerate integration, localization, and innovation.
Guidewire Software Inc. provides equal employment opportunities to all applicants for employment and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state or local laws. All offers are contingent upon passing a criminal history and other background checks where it's applicable to the position.
We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process, to perform essential job functions, and to receive other benefits and privileges of employment. Please contact us to request accommodation.