KARL STORZ SE & Co. KG
Cyber Security Analyst III
KARL STORZ SE & Co. KG, El Segundo, California, United States, 90245
At KARL STORZ, we take pride in helping patients through some of the toughest journeys of their lives. We are making contributions that matter. Regardless of your role, YOU improve patients’ lives every day.

KARL STORZ is currently recruiting for a Cyber Security Analyst. This person will be responsible for detecting and responding to cyber threats in the organization, driving out weaknesses in our infrastructure (software, hardware and networks), and finding creative ways to protect our company. You will take a lead role in responding to and investigating advanced/targeted attacks, coordinating efforts with incident response teams and senior management.

Responsibilities

- Proactively monitor and analyze events and alerts from our SIEM, NDR, EDR, and ITDR to detect and respond to complex and sophisticated threats, with a focus on identifying new attack vectors.
- Conduct advanced monitoring and analysis of computer networks, utilizing advanced tools and techniques to detect and respond to security issues.
- Lead the analysis of malware, phishing, application, and network-based attacks, identifying new patterns and trends, and developing proactive mitigation strategies.
- Lead the documentation of all actions, decisions, and outcomes throughout the duration of a cybersecurity incident, ensuring comprehensive reporting and knowledge sharing.
- Drive the development and improvement of cyber security incident playbooks, incorporating best practices and lessons learned from previous incidents and industry standards.
- Lead Blue/Red Team exercises, designing and executing advanced attack simulations to identify and address critical vulnerabilities and weaknesses in IT infrastructure.
- Develop and maintain robust incident response management plans and processes, regularly reviewing and updating them to align with industry standards and evolving threats.
- Take ownership of monitoring relevant security bulletins and security forums, providing timely updates and recommendations to the team and stakeholders.
- Conduct in-depth analysis of emerging threats and their potential impacts to the environment and systems, working closely with other teams to implement proactive security measures.
- Perform other duties as assigned, demonstrating leadership skills and contributing to the strategic direction of the cybersecurity function.

Requirements

- 4+ years of experience in a technical role in the areas of Security Operations, Threat Intelligence, Cyber Incident Response, or Penetration Testing/Red Team.
- Bachelor’s degree in Cybersecurity, Computer Science, or equivalent technical discipline.
- Certification in SANS Sec 4xx, e.g. GIAC Security Essentials (GSEC), or other equivalent Cyber Security certifications is desirable.
- Intermediate knowledge of malware families and network attack vectors.
- Intermediate knowledge of operating system internals and security mechanisms.
- Intermediate knowledge of web applications and APIs.
- Intermediate knowledge of system security architecture and security solutions.
- Intermediate understanding of attack activities such as network scanning, DDoS, malicious code activity, etc.
- Intermediate understanding of network infrastructure devices such as routers and switches.
- Intermediate understanding of networking protocols such as TCP/IP, DNS, HTTP/S.

Preferences

- 5-6 years of experience in a technical role in the areas of Security Operations, Threat Intelligence, Cyber Incident Response, or Penetration Testing/Red Team.
- Master’s degree in cybersecurity, computer science, or equivalent technical discipline.
- CISSP or other equivalent Cyber Security certification is desirable.
- Intermediate knowledge of scripting, with Python, YARA, and RegEx experience.
- Intermediate knowledge of working with large data sets, using tools such as Excel, SQL, Splunk, and PowerBI.
- Intermediate knowledge of forensics tools and malware analysis.
- Intermediate knowledge of security technologies such as SIEM, IDS/IPS, DLP, WAF, NDR, EDR, ITDR, SOAR.
- Familiar with ITIL processes and framework.