What is the opportunity for you?
Culture Amp is looking for a Security Analyst to join a growing security operations function and participate in event and incident management, and vulnerability management activities. You will have knowledge of investigating cybersecurity events using SIEM, EDR, and traffic analysis tools, and will have an understanding of cybersecurity threats. The Security Analyst will play a major role in Culture Amp’s security operations capability and will be responsible for detecting and quickly responding to a range of cybersecurity threats guided by senior security analysts. As a security analyst you will be mentored by experienced security operations practitioners. This role is a great opportunity to contribute to the security of the Culture Amp platform while gaining more experience in security practices and some of the latest technologies.
Your role in the Camp
- Monitor and analyse cybersecurity events, trends, and threats
- Investigate cybersecurity incidents and undertake response activities using defined response plans and playbooks
- Support major incident response activities
- Perform vulnerability analysis and provide guidance on remediation activities
- Participate in incident response drills and exercises
- Provide input into the development and continuous improvement of Culture Amp’s security technologies and processes
- Identify and implement opportunities for automation to improve detection and response capabilities
- Respond to queries from employees, and help champion security within the organisation
- Provide regular metrics and reporting on threats, vulnerabilities, and improvement(s)
What you’ll bring to Culture Amp
- Knowledge of, and some exposure to, investigating security incidents and events using SIEM (Splunk preferred)
- Knowledge of, and some exposure to, EDR technologies (CrowdStrike preferred)
- Knowledge of vulnerability assessment and management tools and techniques
- Technical knowledge of operating systems, networking, and cloud platforms
- An understanding of common security operations including NIST, ISO 27001, MITRE ATT&CK, and/or Cyber Kill Chain
- Some exposure to, or preparedness to learn to manage, data loss prevention (DLP) and/or CASB technologies
- A positive attitude and a passion for security
- Demonstrable microlearning or ongoing self-development in security
- Industry-recognised security qualifications highly advantageous