Tier 1 Fusion Security Analyst

Responsibilities

• Managing incoming queues of detection alerts, identity requests, facilities requests, and HR investigations 
• Interact with our Managed Security Service Provider (MSSP) to investigate and resolve issues
• Prioritizing and triaging competing incidents to maintain Service Level Agreements (SLA)
• Managing investigations including escalation, organizing unstructured work and engaging resource teams across the company
• Managing urgency and visibility to ensure timely response by all involved parties
• Owning an incident for it’s full lifecycle, including after action reviews and follow up actions
• Communication and coordination with other security professionals,  internal teams, and law enforcement agencies as needed to address incidents and threats.
• Maintain current knowledge of tools and best-practices in advanced persistent threats; tools, techniques, and procedures of attackers; and forensics and incident response
• Create and maintain documentation including incident response plans, standard operating procedures, and knowledge base articles
• Rotating on-call coverage

A little about you

• Strong problem solving abilities that help to drive forward incidents to completion and help keep Nielsen secure.
• Your effective communication skills help in collaborating with key stakeholders, and for translating technical jargon into understandable terms.
• It is important that you stay current on new attack vectors, technologies, tools, and best practices as they change over time.
• You have an open mind and a keen eye for details to detect anomalies and potential security issues others may overlook.
• A true passion for security and a commitment to safeguarding an organization from threats.

Qualifications

• Bachelor’s degree or 1-2 years relevant security experience preferred
• Experience with Security Incident Response, Digital Forensics, Timeline Analysis or related
• Experience or knowledge of current information security solutions and technologies, including cloud, network and host based products
• Effective and efficient investigative skills across multiple technologies
• Excellent verbal and written communication skills including a focus on providing continuous, proactive communications to management, peers, and stakeholders while working on incidents
• Ability and willingness to continually learn and hone Security skills around Cyber and Physical Security
• Cybersecurity certifications preferred (e.g. CISSP, Sec+, SANS/GIAC)
• Familiarity with Python and Powershell a plus
• Experience automating tasks via scripting or other tools (Tines,or similar SOAR)  a plus

Technologies you may work with include

• Security Incident and Event Management (Devo,Splunk, or similar)
• Identity Platforms (Okta, Sailpoint, or similar)
• Network Intrusion Detection Systems (OSSEC, Juniper, Palo Alto, or similar)
• Endpoint detection and response (CrowdStrike, Defender, or similar)
• Enterprise level E-Mail security (Google, O365, or similar)
• Digital Forensics and Incident Response tools (Cado, EnCase, FTK, or similar)
• Most operating systems (Windows, Linux, MacOS)
• Public cloud/PaaS (e.g. AWS, GCP, Azure)
• Virtualization and Containers (VMware, Docker, Kubernetes, or similar)