XperiencOps Inc

IT Security and Compliance Analyst

XperiencOps Inc, Pleasanton, California, United States, 94566

XperiencOps, Inc. is in search of an IT Security and Compliance Analyst who will be crucial in upholding our ISO 27001:2022 / ISO 27018 / SOC2 Type2 certifications and managing various aspects of our security and compliance framework. This role demands a professional skilled in policy maintenance, security incident documentation, and vendor security assessments, preferably with experience using Vanta for compliance management.

Key Responsibilities

1. Security Architecture & Tooling

Design, deploy, and maintain SOC-related technologies, with a particular focus on SIEM and IDS.
Develop and refine security use cases, detection rules, correlation queries, and dashboards in SIEM tools to improve threat detection and response capabilities.
Optimize IDS solutions to monitor and detect threats in cloud-native environments, ensuring clear and actionable alerts for the SOC.

2. SOC Operations & Threat Monitoring

Optimize threat detection and incident response strategies using SIEM analytics and IDS findings.
Monitor and analyze logs, alerts, network traffic, and telemetry for Indicators of Compromise (IOCs) to rapidly identify and respond to potential threats across endpoints and cloud environments.
Develop and implement tuning and filtering strategies to reduce false positives and improve the fidelity of alerts generated by SIEM and IDS tools.

3. Incident Response & Forensics

Lead technical investigations of security incidents from identification through resolution, leveraging SIEM and IDS insights.
Perform root-cause analysis, gather forensic artifacts, and implement long-term preventive measures in alignment with security best practices.
Document incident response procedures, lessons learned, and recommendations to enhance readiness and maturity of the SOC.

4. Vulnerability Management

Assist in the identification, analysis, and remediation of vulnerabilities, working closely with vulnerability scanning and patch management tools.

Requirements

Bachelor's degree in Information Technology, Cybersecurity, or related field, with professional certifications in ISO 27001/27018, CRISC, or CISM being advantageous.
Demonstrable experience in IT security and compliance, with a strong understanding of ISO certification requirements and security incident management.
Familiarity with compliance management tools, preferably Vanta, and experience in conducting vendor security assessments.
Detail-oriented with strong analytical skills, capable of managing multiple priorities in a fast-paced environment.
Effective communication skills, both written and verbal, with the ability to convey complex security and compliance information clearly.

Location

This is a full-time, onsite position based in our Pleasanton, CA office. The successful candidate will be required to report to the office 5 days a week.

Benefits

Competitive salary with comprehensive benefits.
An engaging role in a dynamic and growing company with opportunities for professional development and growth.
A collaborative work environment where your contributions to IT security and compliance are highly valued.