Security Analyst

We are looking for an Security Analyst who is able to analyze security events and investigate potential incidents, validate and manage high priority incidents while providing comprehensive written root-cause analysis to security teams & stakeholders, utilize tooling to contain & minimize overall impact while escalating unresolved incidents to security engineering teams, maintain & continuously update incident response plans and runbooks for more efficient incident response.

This person will be responsible for monitoring security alerts and events in order to identify & remediate security incidents across various on-prem and cloud based solutions. We are looking for someone who is passionate about what they do, and not afraid to speak up or make suggestions. 

Key accountabilities:

• Develop operational procedures to implement and continually improve the incident response process.
• Monitor security alerts within the tech stack, and investigate any potential security incidents.
• Analyze the alerts received to classify and assess the impact, managing high priority incidents, including communication to the business, facilitating root cause analysis and resolution.
• Perform cyber security investigations as part of the incident analysis.
• Coordinate with other departments the remediation tasks to be performed and escalate unresolved incidents.
• Perform post-mortem analysis to identify root causes and design controls or measures to prevent future incidents.
• Write comprehensive investigation reports capturing investigation details and root cause analysis aligned knowledge of modern Tactics, Techniques, and Procedures (TTPs).
• Collaborate with content production for security awareness.

Minimum Qualifications:

• 3+ years of experience in similar roles
• Bachelor’s degree in Computer Science/Engineering/Information Security
• Working ITIL knowledge and experience
• Functional knowledge of the MITRE ATT&CK framework
• Experience with log analysis, malware analysis, and/or forensic analysis
• Hands-on experience with industry leading security tools: EDR, SWG, SIEM, MDM

Qualities:

• Good communication
• Ability to confidently present findings to those with either a technical or non-technical background.
• Self-directed, resourceful, and a critical thinker with attention-to-detail and proactive problem-solving skills.
• Ability to self-organize and plan activities with commitment towards results.
• Ready to learn new contents both from others or self-learned.
• Passionate about self-improvement and suggesting improvements to processes or activities.

Preferred Qualifications:

• InfoSec Certification (e.g. CISSP, Comptia Sec, CEH, etc)
• Cloud experience (AWS, Azure, GCP) in a production environment
• Scripting experience (Python, Perl, Powershell, etc)
• Experience in Blue/Red/Purple team engagements

#LI-CX1

About Media.Monks:

Media.Monks is on a mission to create a new future for this industry. Our vision? Build everything with a belief that changing for good comes from changing who does the work. Yep, that means you. Welcome to the party—one global, cross-cultural collective with a passion for using our skills to create better and a better world. That’s how we’re able to connect the dots between data, content, digital media, and technology from everywhere we are—a true end-to-end model. Joining the Media.Monks collective means having the opportunity to create award-winning work with some of the most gifted, focused, joyful, talents from all over the world.

At Media.Monks, you’ll be joining a highly ambitious company on a global mission to win the decade by changing the industry for good. Partner to 8 of the 10 most innovative companies in the world, Media.Monks works with established as well as up-and-coming global, regional, DTC and B2B brands, helping them own their data and build out customer ecosystems to elicit smart, efficient, high-impact engines for growth. We deliver table stakes quickly, creating cost efficiencies from day one to push up the creative effectiveness of our work with every cycle.

We are an equal-opportunity employer committed to building a respectful and empowering work environment for all people to freely express themselves amongst colleagues who embrace diversity in all respects. Including fresh voices and unique points of view in all aspects of our business not only creates an environment where we can all grow and thrive but also increases our potential to produce work that better represents—and resonates with—the world around us. 

While we continue to grow our teams, please be mindful of fraudulent job postings and recruiting activities that may use our company name and information. Please be mindful to protect your personal information, especially your national identification number, and bank account information during a recruiting process. While Media.Monks may reach out to potential candidates via LinkedIn, we will always ask applicants to apply through our website (https://media.monks.com/careers) and will never ask for payment or bank account information during the recruitment process.

Disclaimer: 

• Responsible for resourcing and implementing security controls for your teams processes and systems

• Responsible that all your personnel apply information security in accordance with the established information security policy