Omnicell, Inc.
Information Security Analyst II
The Information Security Analyst II is responsible for the security and availability of information assets at Omnicell. The analyst will maintain focus on monitoring, incident response, security awareness training, vulnerability management and other security and/or compliance related tasks. The position plays an important role in implementing effective information security & risk management solutions while providing key support necessary to protect the information assets of the company.
Responsibilities:
Work with the managed SOC provider, NOC, IT and business units to triage, investigate and remediate detected security alerts and incidents
Conduct in-depth investigation of alerts. Perform analysis and correlation of network traffic for OS- and application-level alerts
Tune signals and alerts in collaboration with SOC service provider
Create new and maintain existing SOC standards, procedures and playbooks
Monitors for threats and assists with incident investigation and response.
Assists with monitoring, threat hunting, tracking, and analyzing networks/systems for potential security violations/anomalies and responding to incidents.
Analyzes and correlates security logs and event data.
Collaborates with adjacent IT teams in securing and monitoring network & server infrastructures, applications, filtering appliances, firewalls, and cloud-based services.
Contributes to the development of security standards, access controls, and compliance requirements of applications, network infrastructure, servers, and workstations.
Maintains awareness of current and emerging threat landscape.
Compiles security & compliance metrics.
Documents and escalates security incidents within specified/assigned systems to ensure timely follow-up and tracking.
Documents procedures and policies, and trains staff in procedures.
Required Skills and Knowledge:
Strong understanding of IT Infrastructure components and concepts like networking, server administration, firewalls, access controls, and identity and access management.
Ability to quickly triage multiple security alerts and assign the right priority based upon risk and confidence levels
Strong understanding of encryption technologies.
Knowledge of Identity & Access Management practices, systems, and controls.
Experience performing security monitoring, alert triage and incident response duties in a SOC environment
Excellent analytical and problem-solving skills.
Security automation experience is desired
Acts with integrity.
Demonstrates the ability to adjust to changes in customer demands or operational goals.
Results-oriented, with a demonstrated 'can-do' attitude, adaptability, flexibility, and resourcefulness.
Works well in a team with peers, taking a consultative approach to solutions.
Strong time management skills and the ability to multi-task.
Excellent written, oral, and presentation skills.
Excellent customer service orientation and experience in business-related interactions.
Ability to work as a self-starter with minimal supervision.
Ability to provide user support both remotely and in person.
Desire to learn new skills and technology.
Flexibility to work some off-hours and on weekends.
Basic Qualifications:
5+ years work experience in IT related fields.
3+ years of cyber security, forensics, incident response, or threat hunting experience
Experience using risk-based/cybersecurity frameworks, such as NIST, and knowledge of cyber incident management processes.
Familiarity with network, mobile device and Windows operating system risks and vulnerabilities.
Cloud security operations, Cisco, and other network and firewall certifications and training are a plus.
Preferred Qualifications:
Desired Certifications: CISSP, CCSP, GCIA, GCIH, GPEN or CEH.
Work Conditions:
Office Environment
Some travel (Once per quarter or less).
Disclaimer: Nothing in this job description restricts management’s right to assign or reassign duties and responsibilities to this job at any time.