iManage
Security Operations Center Analyst II
iManage, Chicago, Illinois, United States, 60290
iManage is committed to providing an excellent candidate experience and will never ask you to engage in recruitment activity via text and exclusively communicates from emails using the @imanage.com domain. If you have any concerns or questions about communications you have received, please send them to careers@imanage.com so our team members can review.
We offer a flexible working policy that supports the health and well-being of our iManage employees. As an organization, we value collaborating and learning from our peers in person, while providing the necessary flexibility for our employees to have a meaningful work-life balance. Please reach out to learn more.
Being a Security Operations Analyst at iManage Means…
You are the primarily responsible team member for the day-to-day monitoring of, and initial security event detection analysis for, all production systems, network infrastructure, and all other related information security systems, data, and event logs using our SIEM and related tools. You will, when needed, triage and escalate higher-priority events to other Analysts & Engineers and provide the necessary technical information for further analysis. Additionally, you will assist in identifying, analyzing and influencing the management of security risks across the organization based on observed events, logs and collected threat intelligence.
iM Responsible For…
Monitoring, triaging, and responding to security & system events from a variety of systems and sources in a timely manner and with the highest level of courtesy, professionalism, and respect.Handling daily monitoring and remediation for private and public cloud security infrastructure, using health and availability tooling like Zabbix and Prometheus.Preparing and documenting standard operating procedures then creating managed automation to handle the day-to-day repeatable tasks.Contributing to developing, reviewing, and testing new detection and response capabilities and tooling.Creating SIEM dashboards, utilizing SPL & KQL, to aid in establishing trending and analysis as well as aid in reducing the time to triage and respond to alerts.Interfacing with other teams throughout the organization with the objective to provide high quality and low friction, security operations services.Continuously monitoring threat and vulnerability sources and then analyzing the data for potential risks to the overall safe operations of the organization.Independently identifying security alerts that require exclusions and filtering, implementing them in an appropriate and non-disruptive fashion, and performing post-change validation.Reviewing and following-up on cross-functional Security controls on a weekly, monthly, quarterly, and annual basis.Acting as part of the incident response team providing troubleshooting, analysis, and forensics when needed.iM Qualified Because I Have…
3+ years of Information Security connected experience, either directly or indirectly, along with the capability, willingness and motivation to absorb new technical information at an accelerated pace.A nearly innate desire to figure things out along with the dedication to maintaining a lifelong commitment to continuous learning.Excellent verbal and written communication skills in both in-person and electronic forms.Comfort operating under minimal supervision after being given the direction and tools, in a fast-paced environment.The ability to think in a non-linear, yet almost rigorously analytical, type of problem-solving mindset.Understanding and ability to work with global schedules that often require non-traditional, and non-US, working hours. Including On-call escalations during non-standard hours for work alerts and incident response.Exposure to automation and scripting tools such as Ansible, Terraform, Python, PowerShell, AWS Lambda, or Azure Functions.A basic understanding of endpoint protection including, EDR or Microsoft Defender preferred but others would be a suitable replacement.Familiarity with Microsoft Azure, with a focus on security functionality (incl. Microsoft Defender for Cloud, Microsoft Defender for Servers, Microsoft Defender for Endpoints, Microsoft Sentinel, Conditional Access, XDR, Security Center, Event Hubs, etc.)A ground-level understanding of Azure or similar cloud service such as Amazon Web Services. Certification(s) would stand out.Some knowledge and understanding of MITRE ATT&CK and Cyber Kill Chain frameworks.Bonus Points if I Have...
Configuration and/or administration of a SIEM is a plus, Splunk & Sentinel preferred.Experience in firewall administration, Palo Alto & Panorama preferred, including functions such as firewall ACLs, DNS block lists, and VPNs.Cursory understanding of PKI infrastructure including SSL certificates issued by third-party Certificate Authorities and/or the Microsoft Windows Certificate Authority.One or more of the following certifications: CompTIA Security+ or GIAC Security Essentials (GSEC), CompTIA Network+, Azure SC-200, or CCNP/CCNA or similar.Don't meet every qualification listed above? Studies show that women and people of color are less likely to apply to jobs unless they meet all qualifications. At iManage, we are committed to building a diverse and inclusive environment, and encourage everyone to show up as their full authentic selves. We welcome those that come with a growth mindset and a hunger for learning; so, if you are excited about this role but your past experience doesn't align perfectly with every qualification we encourage you to apply anyways!
iM Getting To…
Join a supportive, experienced team with an inclusive, encouraging, and vibrant culture.Have flexible work hours that allow me to balance my ‘me time’ with my work commitments.Collaborate in a modern open plan workspace, with a gaming area, free snacks, drinks and regular social events.Focus on impactful work, solving complex, real challenges utilizing the latest technologies and protocols.Own my career path with our internal development framework. Ask us more about this!Learn new skills and earn certifications with access to unlimited courses in LinkedIn Learning.Join an innovative, industry leading SaaS company that is continuing to grow & scale!iManage Is Supporting Me By...
Creating an inclusive environment where I can help shape the culture not just by fitting in, but by adding to it.Providing a market competitive salary that is applied through a consistent process, equitable for all our employees, and regularly reviewed based on industry data.Rewarding me with an annual performance-based bonus.Offering comprehensive Health/Vision/Dental/Life Insurance, and a 401k Retirement Savings Plan with a company match up to 4%.Giving access to HealthJoy, a healthcare concierge service, to help me maximize my health benefits.Granting enhanced leave for expecting parents; 20 weeks 100% paid for primary leave, and 10 weeks 100% paid for secondary leave.Providing me with a flexible time off policy to take the time off that I need. Be it for vacation, volunteering, celebrating holidays, spending time with family, or simply taking time to recharge and reset.Caring for my mental health and well-being with multiple company wellness days and free access to the Healthy Minds app for mindfulness, meditation and more.About iManage…
iManage is dedicated to Making Knowledge WorkTM. Over one million professionals across 65+ countries rely on our intelligent, cloud-enabled, secure knowledge work platform to uncover and activate the knowledge that exists inside their business content and communications.We are continuously innovating to solve the most complex professional challenges and enable better business outcomes; Our work is not always easy but it is ambitious and rewarding.So we’re looking for people who love a challenge. People who are happiest when they’re solving problems and collaborating with the industry’s best and brightest. That’s the iManage way. It’s how we do things that might appear impossible. How we develop our employees’ strengths and unlock their potential. How we find meaning in everything we do.Whoever you are, whatever you do, however you work. Make it mean something at iManage.iManage provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state or local laws.This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation and training.Learn more at:
www.imanage.comPlease see our privacy statement for more information on how we handle your personal data:
https://imanage.com/privacy-policy/
#LI-Hybrid#LI-LM1
#J-18808-Ljbffr
We offer a flexible working policy that supports the health and well-being of our iManage employees. As an organization, we value collaborating and learning from our peers in person, while providing the necessary flexibility for our employees to have a meaningful work-life balance. Please reach out to learn more.
Being a Security Operations Analyst at iManage Means…
You are the primarily responsible team member for the day-to-day monitoring of, and initial security event detection analysis for, all production systems, network infrastructure, and all other related information security systems, data, and event logs using our SIEM and related tools. You will, when needed, triage and escalate higher-priority events to other Analysts & Engineers and provide the necessary technical information for further analysis. Additionally, you will assist in identifying, analyzing and influencing the management of security risks across the organization based on observed events, logs and collected threat intelligence.
iM Responsible For…
Monitoring, triaging, and responding to security & system events from a variety of systems and sources in a timely manner and with the highest level of courtesy, professionalism, and respect.Handling daily monitoring and remediation for private and public cloud security infrastructure, using health and availability tooling like Zabbix and Prometheus.Preparing and documenting standard operating procedures then creating managed automation to handle the day-to-day repeatable tasks.Contributing to developing, reviewing, and testing new detection and response capabilities and tooling.Creating SIEM dashboards, utilizing SPL & KQL, to aid in establishing trending and analysis as well as aid in reducing the time to triage and respond to alerts.Interfacing with other teams throughout the organization with the objective to provide high quality and low friction, security operations services.Continuously monitoring threat and vulnerability sources and then analyzing the data for potential risks to the overall safe operations of the organization.Independently identifying security alerts that require exclusions and filtering, implementing them in an appropriate and non-disruptive fashion, and performing post-change validation.Reviewing and following-up on cross-functional Security controls on a weekly, monthly, quarterly, and annual basis.Acting as part of the incident response team providing troubleshooting, analysis, and forensics when needed.iM Qualified Because I Have…
3+ years of Information Security connected experience, either directly or indirectly, along with the capability, willingness and motivation to absorb new technical information at an accelerated pace.A nearly innate desire to figure things out along with the dedication to maintaining a lifelong commitment to continuous learning.Excellent verbal and written communication skills in both in-person and electronic forms.Comfort operating under minimal supervision after being given the direction and tools, in a fast-paced environment.The ability to think in a non-linear, yet almost rigorously analytical, type of problem-solving mindset.Understanding and ability to work with global schedules that often require non-traditional, and non-US, working hours. Including On-call escalations during non-standard hours for work alerts and incident response.Exposure to automation and scripting tools such as Ansible, Terraform, Python, PowerShell, AWS Lambda, or Azure Functions.A basic understanding of endpoint protection including, EDR or Microsoft Defender preferred but others would be a suitable replacement.Familiarity with Microsoft Azure, with a focus on security functionality (incl. Microsoft Defender for Cloud, Microsoft Defender for Servers, Microsoft Defender for Endpoints, Microsoft Sentinel, Conditional Access, XDR, Security Center, Event Hubs, etc.)A ground-level understanding of Azure or similar cloud service such as Amazon Web Services. Certification(s) would stand out.Some knowledge and understanding of MITRE ATT&CK and Cyber Kill Chain frameworks.Bonus Points if I Have...
Configuration and/or administration of a SIEM is a plus, Splunk & Sentinel preferred.Experience in firewall administration, Palo Alto & Panorama preferred, including functions such as firewall ACLs, DNS block lists, and VPNs.Cursory understanding of PKI infrastructure including SSL certificates issued by third-party Certificate Authorities and/or the Microsoft Windows Certificate Authority.One or more of the following certifications: CompTIA Security+ or GIAC Security Essentials (GSEC), CompTIA Network+, Azure SC-200, or CCNP/CCNA or similar.Don't meet every qualification listed above? Studies show that women and people of color are less likely to apply to jobs unless they meet all qualifications. At iManage, we are committed to building a diverse and inclusive environment, and encourage everyone to show up as their full authentic selves. We welcome those that come with a growth mindset and a hunger for learning; so, if you are excited about this role but your past experience doesn't align perfectly with every qualification we encourage you to apply anyways!
iM Getting To…
Join a supportive, experienced team with an inclusive, encouraging, and vibrant culture.Have flexible work hours that allow me to balance my ‘me time’ with my work commitments.Collaborate in a modern open plan workspace, with a gaming area, free snacks, drinks and regular social events.Focus on impactful work, solving complex, real challenges utilizing the latest technologies and protocols.Own my career path with our internal development framework. Ask us more about this!Learn new skills and earn certifications with access to unlimited courses in LinkedIn Learning.Join an innovative, industry leading SaaS company that is continuing to grow & scale!iManage Is Supporting Me By...
Creating an inclusive environment where I can help shape the culture not just by fitting in, but by adding to it.Providing a market competitive salary that is applied through a consistent process, equitable for all our employees, and regularly reviewed based on industry data.Rewarding me with an annual performance-based bonus.Offering comprehensive Health/Vision/Dental/Life Insurance, and a 401k Retirement Savings Plan with a company match up to 4%.Giving access to HealthJoy, a healthcare concierge service, to help me maximize my health benefits.Granting enhanced leave for expecting parents; 20 weeks 100% paid for primary leave, and 10 weeks 100% paid for secondary leave.Providing me with a flexible time off policy to take the time off that I need. Be it for vacation, volunteering, celebrating holidays, spending time with family, or simply taking time to recharge and reset.Caring for my mental health and well-being with multiple company wellness days and free access to the Healthy Minds app for mindfulness, meditation and more.About iManage…
iManage is dedicated to Making Knowledge WorkTM. Over one million professionals across 65+ countries rely on our intelligent, cloud-enabled, secure knowledge work platform to uncover and activate the knowledge that exists inside their business content and communications.We are continuously innovating to solve the most complex professional challenges and enable better business outcomes; Our work is not always easy but it is ambitious and rewarding.So we’re looking for people who love a challenge. People who are happiest when they’re solving problems and collaborating with the industry’s best and brightest. That’s the iManage way. It’s how we do things that might appear impossible. How we develop our employees’ strengths and unlock their potential. How we find meaning in everything we do.Whoever you are, whatever you do, however you work. Make it mean something at iManage.iManage provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state or local laws.This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation and training.Learn more at:
www.imanage.comPlease see our privacy statement for more information on how we handle your personal data:
https://imanage.com/privacy-policy/
#LI-Hybrid#LI-LM1
#J-18808-Ljbffr