Security Operations Analyst

Saint Louis, Missouri, United States

Applications have closed

About Netskope

Today, there's more data and users outside the enterprise than inside, causing the network perimeter as we know it to dissolve. We realized a new perimeter was needed, one that is built in the cloud and follows and protects data wherever it goes, so we started Netskope to redefine Cloud, Network and Data Security. 

Since 2012, we have built the market-leading cloud security company and an award-winning culture powered by hundreds of employees spread across offices in Santa Clara, St. Louis, Bangalore, London, Melbourne, and Tokyo. Our core values are openness, honesty, and transparency, and we purposely developed our open desk layouts and large meeting spaces to support and promote partnerships, collaboration, and teamwork. From catered lunches and office celebrations to employee recognition events (pre- and hopefully post-Covid) and social professional groups such as the Awesome Women of Netskope (AWON), we strive to keep work fun, supportive and interactive. Visit us at Netskope Careers. Please follow us on LinkedIn and Twitter @Netskope.

What You’ll be responsible for in this role – Your contribution & career journey

We are seeking a Security Operations Center (SOC) Analyst to join a 24x7x365 team of security professionals to monitor, detect, respond, and remediate threats facing our geographically-dispersed on-prem and cloud environments. 

Position Description

Serve as a point of contact for escalation of SOC functions. Frequent direct interface with the security teams to advise and coordinate operational activities, including notable threats, active incidents, and situational awareness, as well as coordination and communication with senior leadership on notable operational and programmatic issues.

The ideal SOC Analyst will possess a strong multi-disciplinary background. A strong technical aptitude across multiple IT arenas paired with outside-the-box thinking and the skillset to turn conceptual ideas into working solutions is imperative. There will be an extremely strong focus on incident/threat detection and response, Identity and Access Management, networking, and security. This individual will need to be self-motivated and possess a consultative mentality to work with various IT team members, Managers and other Organizational Units. This role reports directly to the SOC Manager in the CISO organization. Frequent managerial level interactions, discussions, and briefings will be expected.

The technical focus of this role is to evaluate multiple existing but independent toolsets and unite them into a single inter-related solutions platform. This role will lead in the interaction with both internal and external industry-elite incident response and security analytics & engineering resources. Key project interactions will include SOC development, Security Operations, GRC, Threat and Vulnerability Management, Identity and Access Management Operations, and alpha/beta testing of emerging security solutions.

A general understanding of the totality of IT architectures and how they interrelate will be required. The successful candidate will be able to both evaluate technical solutions from the big picture perspective and actually drill down and configure the solutions independently.

Qualifications

Minimum Qualifications:

  • Minimum of 3 years in an enterprise-scale IT engineering or analyst role, with at least 1 year in a SOC
  • Act as incident commander during high severity incidents, if necessary.
  • Operate autonomously to further investigate and escalate in accordance with protocols and SLAs.
  • Uphold and enforce established runbooks and processes. 
  • Report SOC related metrics 
  • Responsible for coaching/mentoring for all SOC team members
  • Identify SOC capability enhancement ideas for continuous improvement. Prioritize and assign resources to support enhancement projects and special requests.
  • Work with subject matter experts across the program to transform the maturity of the SOC to an industry-leading organization. 
  • Demonstrate proficiency in incident response, kill chain oriented analytics, and identification of IoCs.
  • Evaluate, tune, integrate, and optimize existing toolsets to meet monitoring and intelligence sharing requirements.
  • Understanding of Identity and Access Management technologies such as SSO/MFA/IGA and operations of those technologies
  • Work directly with Security Operations and Leadership to ensure that the final SOC solutions platform is designed to meet diverse operational goals and initiatives
  • Identify solution gaps and translate those gaps into vendor-agnostic technical requirements and/or capabilities
  • Working knowledge of security technologies such as Vulnerability Management, Identity and Access Management, Malware Detection, SIEM, DLP, SASE, CASB
  • Bachelor’s Degree in Computer Science, Information Security, Information Systems, or a related field, or equivalent.
  • Foundation in, and in-depth technical knowledge of, security engineering, computer and network security, authentication, security protocols, and applied cryptography.
  • Understanding of Cloud Security
  • Proficient understanding of regulatory and compliance mandates, including but not limited to GDPR, CCPA, Sarbanes-Oxley.
  • SOAR and other Automation knowledge (Python, bash scripting).
  • Experience assessing and escalating to vendors for troubleshooting purposes.
  • Able to communicate and work with cross-functional teams.

 

Additional Required Qualifications

  • Detects, identifies and mitigates vulnerabilities in systems, including but not limited to databases, applications, network elements and devices, and data storage
  • Deploy security policies, investigate and evaluate alerts for malicious file execution attempts, and design enhanced protocols aligned with protecting corporate-wide production systems
  • Utilize various Vulnerability Management tools to scan the enterprise for threats due to missed patches and newly identified vulnerabilities, and work with various IT verticals to ensure all systems are hardened and patched.
  • Effectively communicates and influences at all levels of the organization
  • Lead root-cause analysis efforts to determine improvement opportunities when failures occur. Contribute as lead and SME on incident research and resolution when appropriate, mentoring incident team members.
  • Manage workload, prioritizing tasks and documenting time.
  • Provides training and coaching for Analysts, Technicians, and Engineers in IT Security
  • Provides identity management advice and support for network systems and applications.
     

Preferred Qualifications

  • One of the following is highly desired: CISSP, CEH, CompTIA Security+, SANS GIAC, CRISC, or CISA
  • 3+ years of Security Operations and Engineering experience preferred, with 1+ years of work directly in a SOC environment

 

 

 

 


Netskope respects your privacy and is committed to protecting the personal information you share with us, please refer to Netskope's Privacy Policy for more details.
