Cyber Security Analyst

A little bit about the role:

ORBCOMM is seeking a Cyber Security Analyst to join our Information Technology team, this role will report to the Director, Cyber Security.

Responsibilities:

• Assist in configuration of security log ingest, create actionable/high fidelity alerts, work with the cyber security operations engineer to develop automation, assess our ability to detect, monitor, prevent, and recover from attacks.
• Participate in the day-to-day security operations, monitoring, and incident response from the Security Operations Center.
• Lead, perform, review, investigate, and track computer security events/incidents to resolution.
• Evaluate, respond, and resolve alerts that originate from the SIEM, IDS/IPS, EDR/NGAV, Web Application and API Firewalls (WAFs/WAAPs), Network Firewalls, and other security sourced alerts.
• Understand security technologies such as Security Incident and Event Management (SIEM), Endpoint Detection and Response (EDR), Data Loss Prevention (DLP), Network and Host-level Firewalls, Network and Host Intrusion Prevention Systems (N/HIPS) etc., to capture relevant security sourced event data into the SIEM.
• Lead in monitoring and analyzing alerts in the Sumo Logic Cloud SIEM Enterprise (CSE)
• Perform vulnerability assessments on cloud infrastructure servers and devices, workstations, laptops, on-premises servers and devices, and applications.
• Assist in prioritizing remediation and mitigation activities using risk criteria such as CVSS, Tenable VPR exposure, and asset criticality.
• Compile, deliver, and track vulnerability reports/metrics to appropriate team members.
• Actively perform threat hunting for malicious activities using different security tools to identify threat vectors for remediation.
• Ensure all pertinent information/artifacts are obtained to allow for the identification, containment, eradication, and recovery actions to occur in a time sensitive environment.
• Block malicious domains, MD5 file, URL, and/or IP Hashes, where applicable and in accordance with the company's standards.
• Develop Security Operation Procedures (SOPs) and Standards, to include hardening guidelines for the different web applications, operating systems, databases, and other products.
• Regularly collaborate with the Cyber Security Operations Engineer to tune security tools and capabilities against false positives for optimum performance.
• Develop follow-up action plans to resolve reportable issues and communicate with other security colleagues to address security threats and incidents.
• Engage with other internal and external parties to get and share information to improve processes and security posture.
• Help develop and conduct security risk assessments, develop risk reporting, and track metrics.
• Update the Publicly Exposed Servers (PES) spreadsheet. 

Desired Qualifications and Experience:

• 2-4 years of Information Technology experience, preferably in Information/Cyber Security.
• Bachelor’s degree in information security, Computer Science, Information Technology, related field, or equivalent work experience.
• Familiar with incident response lifecycle
• 1+ years of hands-on experience preferred in any one of the following areas: security operations, incident response, network security operations, network/host intrusion detection, threat response.
• Experience analyzing system and application logs to troubleshoot operational issues or investigate security issues.
• Experience creating metrics and reports.
• Preferred knowledge of enterprise detection technologies and processes (IDS/IPS, Network Packet Analysis, Endpoint Protection, SIEM).
• Preferred Knowledge of network protocols and operating systems (Windows, Unix, Linux, Databases).
• Preferred currently to hold or working toward security certifications or attending security courses.
• Experience communicating with management and partner teams clearly and effectively in a professional setting.
• Strong verbal and written communication skills.
• Basic understanding in Scripting and Programming languages such as PowerShell, Python, SQL, Java, etc.

About ORBCOMM Inc.

ORBCOMM is a pioneer in IoT technology, empowering customers with insight to make data-driven decisions that help them optimize their operations, maximize profitability, and build a more sustainable future. With 30 years of experience and the most comprehensive solution portfolio in the industry, ORBCOMM enables the management of over a million assets worldwide for a diverse customer base spanning transportation, supply chain, heavy equipment, maritime, natural resources, and government. For more information about how ORBCOMM is driving the evolution of industry through the power of data, visit www.orbcomm.com.
 
Interested?

At ORBCOMM, we believe that our people are our strength. Our success stems from our ability to attract and retain the best people who deliver a high level of performance and skill.

If you are looking for a significant career opportunity and the chance to work for an established, successful, and high growth company, ORBCOMM is the ideal place for you.

We are committed to employment equity. ORBCOMM would like to thank all applicants in advance and advise them that only candidates selected for an interview will be contacted.

ORBCOMM is committed to providing accommodations for persons with disabilities. Accommodations are available upon request for candidates taking part in all aspects of the selection process.