Sr. Cybersecurity Analyst, Blue Team

Summary

The main responsibilities of a Blue Team include responding to security incidents, creating and maintaining security playbooks, conducting threat intelligence analysis, implementing edge controls, securing APIs, and managing WAF.

What you'll do

• Incident Response: Efficiently and effectively respond to security incidents, ensuring quick containment, investigation, and resolution.
• Security Playbooks: Develop, maintain, and regularly update security playbooks for various incident scenarios, ensuring structured responses.
• Web Application Protection: Implement and manage Web Application Firewalls (WAF) to safeguard web applications from security threats.
• Cloud Security: Utilize and manage AWS services to enhance security in cloud environments, ensuring data protection and system integrity.
• Security Automation: Automate security processes and workflows through scripting to improve efficiency and reduce manual intervention.
• Threat Intelligence: Conduct thorough threat intelligence analysis to identify, assess, and mitigate risks from emerging threats.
• End-to-End Security Processes: Lead security processes from incident identification through to resolution and post-incident analysis.
• Incident and Vulnerability Prioritization: Define the criticality of incidents and vulnerabilities to prioritize response actions based on severity.
• Financial Market Knowledge: Leverage expertise in the financial sector, ensuring security practices align with sector-specific regulations and compliance requirements.
• Mission-Critical Systems: Ensure high availability and security of systems operating in mission-critical environments, managing security at scale.

Minimum Qualifications

Language Skills:

• English Advanced

Technical Skills:

• Incident Response: Proven experience in handling security incidents, from detection to resolution, ensuring minimal disruption.
• WAF Knowledge: Strong experience in implementing and managing Web Application Firewalls (WAF) to protect web applications.
• AWS Security: Expertise in utilizing and managing AWS services to secure cloud infrastructure and applications.
• Threat Intelligence: In-depth knowledge of threat intelligence analysis and using intelligence feeds to identify and mitigate risks.
• Mission-Critical Environments: Experience working in environments where high availability, reliability, and security are crucial.
• Financial Market Experience: Familiarity with industry-specific regulations and security best practices within the financial market.
• Criticality Assessment: Ability to assess and define the criticality of incidents and vulnerabilities for effective prioritization of actions.

Desirable Qualifications

• Security Automation: Experience automating security processes with scripting languages such as Python, PowerShell, or Bash.
• Advanced Threat Detection: Familiarity with advanced threat detection tools and techniques.

  Desired Certifications:

• CompTIA Security+
• Certified Information Systems Security Professional (CISSP)
• CySA+ (Certified Cybersecurity Analyst)
• ISC2 and other relevant cybersecurity certifications.

Core Benefits

• Remote work
• Flexible hours
• Meal & Food vouchers 
• Remote work financial support
• Life Insurance
• Medical and Dental
• Assistance Employee child care benefit: daycare
• Private Pension (2x1)
• Vidalink partnership
• Support for studying languages
• Incentive for AWS and GCP certifications
• Sesc Partnership
• Performance Incentive Plan

--

Pismo is an Equal Employment Opportunity employer that proudly pursues and hires a diverse workforce. Pismo does not make hiring or employment decisions on the basis of race, color, religion or religious belief, ethnic or national origin, nationality, sex, gender, gender identity, sexual orientation, disability, age or any other basis protected by applicable laws or prohibited by company policy. Pismo also strives for a healthy and safe workplace and strictly prohibits harassment of any kind.