
Cyber Security Analyst (Sunday-Wednesday; Shift either 7a-5p or 12p-10p)
- Olathe, KS
- Permanent
- Full-time
- Provide recommendations to stakeholders on potential solutions to cyber security threats
- Create/update analytical paths (playbooks) based on trend analysis to triage and remediate security events to improve/prevent incident response while minimizing business impact
- Provide incident reporting for internal/external cyber investigations to support business functions
- Coordinate efforts with Security Engineering Team to enforce enterprise standards, policies, and regulations
- Analyze security events - network traffic, endpoint indicators, and various log sources to identify threats, assess potential damage, and perform countermeasures while considering business risk
- Perform research on the latest threats and technological advancements in combating adversarial tactics and make recommendations on potential solutions
- Correlate incident data to identify specific vulnerabilities and make recommendations that enable expeditious remediation
- Review and validate security compliance reports to track business as usual and out of policy activities
- Serve as mentor to level 1 team members on the SOC, IT Operations, and Service Desk
- Ability to support Garmin’s Security Operations Center as needed; 24/7 coverage and weekend and/or night coverage may be required
- Bachelor’s Degree in Computer Science, Information Technology, Management Information Systems, Business, or related field AND a minimum of 1 year relevant experience OR an equivalent combination of education and relevant experience
- Possess analytical skills and a strong ability to maintain composure and remain diplomatic in highly stressful situations
- Demonstrated experience and knowledge of security-related technologies such as intrusion prevention and detection systems, web proxies, SIEM, SOAR, EDR, firewalls, web application scanners, vulnerability scanners, and forensics tools
- Experience with system hardening techniques and methodologies
- Familiarity with MITRE ATT&CK Framework and Cyber Kill Chain methodology
- Strong multitasking skills to be able to effectively manage multiple activities, including cross-team dependent activities simultaneously
- Demonstrated effective verbal, written, and interpersonal communication skills
- Must be team-oriented, possess a positive attitude and work well with others
- Understanding of TCP/IP networking, web infrastructure applications, tools and processes used in security incident detection and response
- Security+, SecurityX, and CySA+
- Other security certifications (GCIH, GCED, CISSP)
- Experience with cyber security policies and implementation of Risk Management Framework (RMF)
- Experience with NIST 800-53 and/or NIST Cyber Security Framework (CSF)
- Experience in Security Orchestration, Automation, and Response (SOAR) and Security information and event management (SIEM) Platforms
- Experience with log management platforms (Splunk, Elasticsearch/Logstash/Kibana (ELK) / Elastic Stack)
- System administration experience (Windows and Linux/Unix scripting) OR development experience (Python, JavaScript, PowerShell, C#, Perl)