Senior Security Analyst - Security Operations Center
Job ID 196922
Equal Opportunity Employer
The Information Technology (I.T.) division of Enterprise Holdings builds and implements powerful solutions that help to drive and support the global operations of our brands and businesses, including Alamo Rent A Car, Enterprise Rent-A-Car and National Car Rental. With 9,000 branch locations across the world and more than 93,000 employees, Enterprise Holdings and its affiliates own and operate almost 1.7 million cars and trucks.
Here, you will be part of a team that creates and delivers leading-edge technologies and expansive systems that impact every aspect of our growing international businesses. We provide the resources to enable and develop our more than 2,000 innovative I.T. professionals in a variety of career paths. There are no limits for those who excel at EHI.
As a member of the global SOC's Cyber Security Incident Response Team, the Incident Response Security Analyst is responsible for analysis, response, triage, recovery, and improvements for security events affecting Enterprise Holdings. In addition, the Incident Response Team members coordinate resources during a cyber-security event, driving issues to a timely and complete resolution. You will assist in the monitoring and enforcement of security policies and programs and assist with the identification of security procedures to support business objectives.
As an Incident Response Security Analyst, you will be responsible for working in a fast-paced environment utilizing a set of security related tools (e.g. WAF, SIEM, UBA, IDS/IPS, anti-virus, firewalls, etc.), developing new team processes, verifying/testing new monitoring tools, and working with internal/external teams on security issues.
- Must be presently authorized to work in the U.S. without a requirement for work authorization sponsorship by our company for this position now or in the future
- Must be committed to incorporating security into all decisions and daily job responsibilities
- 3+ years of hands-on incident response or security related experience
- Understand sound investigative techniques for suspected and confirmed incidents
- Able to gather all relevant incident information (e.g., affected systems, asset information, vulnerability information, system configurations, logs, console reviews, memory dumps, forensic analysis, etc.) in accordance with incident management and response processes
- Able to analyze incident information to understand the scope of the incident
- Has responded to current security incident types, such as DDoS attacks, anomalous activity, malware infections, APT activity, unauthorized access, data extraction, etc.
- Has assisted with task automation and process improvements
- Must have displayed leadership and team-centric skills and have strong solution orientation
- Proven track record of developing new processes
- Strong documentation skills
- Has experience leading and facilitating meetings (in-person or virtual)
- Ability to analyze forensic and log data to identify root cause and/or indicators of compromise
- Solid knowledge of Network Protocols, Packet Captures, Security Controls, Scripting, SIEM, standard ticketing systems, Open Source Tools, Web Application Firewalls, PKI, vulnerability scanning
- Preferred to have security related certifications such as: CISSP, CompTIA Security+, GCIH, security tool certs
- Linux Shell Scripting (Python Shell Scripting preferred)
- Bachelor's degree in Cyber Security, Computer Science, Computer Information Systems, Management Information Systems, or extensive security related experience OR equivalent combination of education and experience.