Karl Storz Endoscopy

Cyber Security Analyst III

Karl Storz Endoscopy, El Segundo, California, United States, 90245


KARL STORZ is currently recruiting for a Cyber Security Analyst. This person will be responsible for detecting and responding to cyber threats in the organization, driving out weaknesses in our infrastructure (software, hardware, and networks), and finding creative ways to protect our company. You will take a lead role in responding to and investigating advanced/targeted attacks, coordinating efforts with incident response teams and senior management.

Responsibilities

- Proactively monitor and analyze events and alerts from our SIEM, NDR, EDR, and ITDR to detect and respond to complex and sophisticated threats, focusing on identifying new attack vectors.
- Conduct advanced monitoring and analysis of computer networks, utilizing advanced tools and techniques to detect and respond to security issues.
- Lead the analysis of malware, phishing, application, and network-based attacks, identifying new patterns and trends, and developing proactive mitigation strategies.
- Lead the documentation of all actions, decisions, and outcomes throughout the duration of a cybersecurity incident, ensuring comprehensive reporting and knowledge sharing.
- Drive the development and improvement of cyber security incident playbooks, incorporating best practices and lessons learned from previous incidents and industry standards.
- Lead Blue/Red Team exercises, designing and executing advanced attack simulations to identify and address critical vulnerabilities and weaknesses in IT infrastructure.
- Develop and maintain robust incident response management plans and processes, regularly reviewing and updating them to align with industry standards and evolving threats.
- Take ownership of monitoring relevant security bulletins and security forums, providing timely updates and recommendations to the team and stakeholders.
- Conduct in-depth analysis of emerging threats and their potential impacts on the environment and systems, working closely with other teams to implement proactive security measures.
- Perform other duties as assigned, demonstrating leadership skills and contributing to the strategic direction of the cybersecurity function.

Requirements

- 4+ years of experience in a technical role in the areas of Security Operations, Threat Intelligence, Cyber Incident Response, or Penetration Testing/Red Team.
- Bachelor's degree in Cybersecurity, Computer Science, or equivalent technical discipline.
- Certification in SANS Sec 4xx e.g. GIAC Security Essentials (GSEC) or other equivalent Cyber Security certifications is desirable.
- Intermediate knowledge of malware families and network attack vectors.
- Intermediate knowledge of operating system internals and security mechanisms.
- Intermediate knowledge of web applications and APIs.
- Intermediate knowledge in system security architecture and security solutions.
- Intermediate understanding of attack activities such as network scanning, DDOS, malicious code activity, etc.
- Intermediate understanding of network infrastructure devices such as routers and switches.
- Intermediate understanding of networking protocols such as TCP/IP, DNS, HTTP/S.

Preferences

- 5 - 6 years of experience in a technical role in the areas of Security Operations, Threat Intelligence, Cyber Incident Response, or Penetration Testing/Red Team.
- Master's degree in cybersecurity, computer science, or equivalent technical discipline.
- CISSP or other equivalent Cyber Security certifications is desirable.
- Intermediate knowledge in scripting, Python, YARA, and RegEx experience.
- Intermediate knowledge in working with large data sets, using tools such as Excel, SQL, Splunk, and PowerBI.
- Intermediate knowledge with forensics tools and malware analysis.
- Intermediate knowledge in security technologies such as SIEM, IDS/IPS, DLP, WAF, NDR, EDR, ITDR, SOAR.
- Familiar with ITIL processes and framework.
