What is the opportunity for you?
Culture Amp is looking for an experienced Senior Security Analyst to join a growing security operations function and participate in event and incident management, and vulnerability management activities. You will have experience investigating cybersecurity events, supporting incident response activities, and conducting threat hunting exercises.
The Senior Security Analyst will play a major role in Culture Amp’s cybersecurity detection and response capability and will collaborate with other security operations team members to ensure that processes, tools, and documentation are appropriate. This role is a great opportunity to contribute to the security of the Culture Amp platform while working with talented engineers in a cloud-centric security environment with some of the latest technologies.
You will
- Monitor and analyse cybersecurity events, trends, and threats
- Investigate cybersecurity incidents and undertake response activities using defined response plans and playbooks
- Support major incident response activities
- Support threat hunting activities to proactively identify threats
- Develop tactical and operational threat intelligence
- Provide input into the development and continuous improvement of Culture Amp’s security technologies and processes
- Identify and implement opportunities for automation to improve detection and response capabilities
- Assist with audit activity where required, including maintenance of audit records
- Respond to queries from employees, and help champion security within the organisation
You have
- Extensive experience investigating security incidents and events using SIEM (Splunk preferred)
- Experience with playbook development
- Experience performing threat hunting and leveraging threat intelligence to guide investigations
- Experience participating in cybersecurity tabletop exercises
- In-depth technical knowledge of operating systems, networking, and cloud platforms
- Strong understanding of common security operations frameworks, including NIST, ISO 27001, MITRE ATT&CK, and the Cyber Kill Chain
- A positive attitude and a passion for security
- The ability to respond to security events outside of usual work hours on a rostered basis (*on-call responsibilities are optional for this role)
- Industry-recognised security qualifications are highly advantageous
You are
- Desirable: qualifications or certifications in cybersecurity blue team or SOC operations, incident management, threat hunting, or offensive security disciplines