Job Listing Description

Seeking a motivated and detail-oriented Security Operations Analyst to join the Information Security team and play a key role in protecting the companys information and system assets.

The Security Operations Analyst will support the operation of all of Virgin Galactic's security processes and tooling, ensuring that applications, information assets and key infrastructure stay protected. The Security Operations Analyst will be a key technical resource that supports and delivers critical elements of the security program, including patch management, alert triage and analysis, threat intelligence monitoring, access management, metrics reporting, risk assessment support, and incident management. The role requires solid communication and organizational skills, curiosity, initiative, attention to detail and the ability to learn quickly. This isn't just a SOC role, it's way more than that!

Responsibilities:

Perform daily and real-time triage on security alerts, escalating as needed for response, and tuning false positives. Conduct analysis on various data sources, such as anti-virus logs, web and network firewall logs, IDS & IPS data, event logs, and other host-based and network-based artifacts. Monitor multiple industry threat and vulnerability feeds and report relevant issues to the infrastructure and application teams. Keep abreast of the latest security issues and identify mitigation actions. Manage the security awareness program and conduct user phishing testing exercises. Handle approvals for VPN and system access requests. Provide support for third-party security assessments. Assist with response to cyber incidents. Assist in the collection of system information and procedures required by internal and external audits and examinations; assist in drafting responses to audits. Perform vendor risk assessments as assigned. Work with vendors and business owners to gather documentation and develop vendor remediation plans. Provide security metrics reporting on effectiveness of the security program. Draft security procedure documents, as assigned. Related projects and tasks as assigned.

Educational Requirements:

Bachelor's degree from an accredited university is preferred, but not required.

Knowledge/Experience/Requirements:

2-4 years of relevant experience in cyber security with a focus on administration of security controls or SOC analysis; additional related work experience is a plus. Foundational skills in one or more areas of IT required: networking, operating systems, applications, or operations. Ability to support and improve the vulnerability management programs in both the on-prem and cloud environments. Solid knowledge of best practice in phishing analysis and response, including proactive campaign development, and experience managing investigation and reporting of phishing incidents. Natural curiosity that drives a need to understand the "why" Technical knowledge and experience with one or more of the following:
Security event logging and monitoring Identity and access management Incident handling
Must be able to operate with minimal supervision within the framework of assigned responsibilities and recognize when escalation to management is needed. Must be able to build and maintain cross-departmental relationships to facilitate ongoing security awareness and improved security posture. Solid communications skills based on clarity, precision, and timeliness. Scripting skills with Python or other language a big plus. Technical acumen with MS Office 365 tools, must be able to develop effective internal presentation and report materials. Skills with Jira and Confluence are a big

Certification Requirements

Security certifications such as Security+, SANS GIAC, or Cisco CyberOps Associate are a plus. Azure or AWS certification is a big plus, but not required.