Security Operations Analyst III

First Interstate Bank

Billings, MT

Apply

JOB DETAILS

SKILLS

Alliance/Partner Marketing, Americans with Disabilities Act (ADA), Analysis Skills, Applications Security, Automation, Benchmarking, CEH - Certified Ethical Hacker, CISA - Certified Information Systems Auditor, CISM - Certified Information Security Manager, CISSP - Certified Information Systems Security Professional, Communication Skills, CompTIA - Computing Technology Industry Association, CompTIA Security+, Computer Mouse Hardware, Computer Networks, Computer Security, Data Collection, Documentation, English Language, Event Management, GIAC - Global Information Assurance Certification, GSE - GIAC Security Expert, HIPAA (Health Insurance Portability and Accountability Act), High School Diploma, Homeland Security, Hunting, Identify Issues, Incident Response, Information/Data Security (InfoSec), Internet Protocols, Intrusion Detection Systems, Intrusion Detection and Prevention (IDP), Intrusion Prevention Systems, Keyboards, Leaching, Lift/Move 50 Pounds, Linux Operating System, Loss Prevention, Metrics, Microsoft Windows Operating System, Multiplatform/Cross-Platform, Network Monitoring, Network Security, Network Systems, Operational Audit, PCI, Physical Demands, Policy Evaluation, Process Improvement, Regulations, Risk, SCCP (Signaling Connection Control Point) Protocol, SSCP - Systems Security Certified Practitioner, Sarbanes-Oxley Act (SOX), Scorecarding, Security Analysis, Security Attacks, Security Information and Event Management (SIEM), Security Infrastructure, Security Monitoring, Service Level Agreement (SLA), Social Security Administration, Spanish Language, System Operations, Threat Modeling, Unix Operating Systems, Wireless Security

LOCATION

Billings, MT

POSTED

30+ days ago

**If you are a current FIB employee, please apply through the Career Worklet in the Employee Portal. This position can be located at our Sioux Falls, SD Downtown and Great West Center in Billings, MT. What’s Important to You We know your career is just one aspect of a meaningful, complex, and demanding life. That’s why we designed our compensation and benefits package to provide employees and their families with as much choice as possible. Generous Paid Time Off (PTO) in addition to paid federal holidays. Student debt employer repayment program. 401(k) retirement plan with a 6% match. The health and happiness of the places we call home matter to us. Learn a little more about what we do for the communities we serve and why we want YOU to be a part of it. We encourage you to apply. Reach for what you want and tell us why your work ethic and willingness to learn make you a natural fit for #TeamFirstInterstate. SUMMARY The Security Operations Analyst III is responsible for activities relating to monitoring and responding to security events. This position receives, researches, triages, and documents all security events and alerts as they are received. Also, this position supports multiple security-related platforms and technologies, interfacing with others within the IT organization, as well as other internal business units and external customers/partners. Events will be generated from endpoints, networks, security information and event management (SIEM) systems, threat intelligence platforms, employees, third parties, and other sources. Receives information sharing and analysis center (ISAC) information and guides hunting for potential compromise across the infrastructure. ESSENTIAL DUTIES AND RESPONSIBILITIES Monitors SIEM, EDR, and other security monitoring solutions; processes responses for security events on a 24x7 basis. Provides feedback to incident response and postmortem exercises, with a focus on creating measurable benchmarks to show progress (or deficiencies requiring additional attention). Stays current with and remains knowledgeable about new threats. Analyzes attacker tactics, techniques, and procedures (TTPs) from security events across a large heterogeneous network of security devices and end-user systems. Guides and participates in threat modeling collaboration with other members of the security team. Guides and leverages automation and orchestration solutions to automate repetitive tasks. Assists with incident response as events are escalated, including triage, remediation, and documentation. Leads threat and vulnerability research across event data collected by systems. Leads, investigates, and documents events to aid incident responders, managers, and other SOC team members on security issues and the emergence of new threats. Works alongside other security team members to hunt for and identify security issues generated from the network, including third-party relationships. Shares information as directed with other team members. Manages security event investigations, partnering with other departments (e.g., IT) as needed. Evaluates SOC policies and procedures and recommend updates to management as appropriate. Adheres to service level agreements (SLAs), metrics, and business scorecard obligations for ticket handling of security incidents and events. Partners with the security engineering team and recommend improvements to tool usage and workflow, as well as with the advanced threats and assessment team to mature monitoring and response capabilities. Leverages knowledge in multiple security disciplines, such as Windows, Unix, Linux, data loss prevention (DLP), endpoint controls, databases, wireless security, and data networking, to offer global solutions for a complex heterogeneous environment. Maintains working knowledge of advanced threat detection as the industry evolves. Performs other duties as assigned. QUALIFICATIONS To perform this job successfully, an individual must be able to perform each essential duty satisfactorily. The requirements listed below are representative of the knowledge, skill, and/or ability required. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions. KNOWLEDGE, SKILLS AND ABILITIES Experience driving measurable improvement in monitoring and response capabilities at scale. Experience working with SIEM systems, threat intelligence platforms, security automation and orchestration solutions, intrusion detection and prevention systems (IDS/IPS), file integrity monitoring (FIM), DLP, and other network and system monitoring tools. Knowledge of a variety of Internet protocols. Track record of acting with integrity, taking pride in work, seeking to excel, being curious and adaptable, and communicating effectively. Working knowledge/experience with network systems, security principles, applications, and risk and compliance initiatives such as Gramm-Leach Bliley Act (GLBA), Payment Card Industry (PCI), Health Information Portability and Accountability Ace (HIPAA), Sarbanes-Oxley Act (SOX) and the General Data Protection Regulation (GDPR). Working knowledge of the MITRE ATT&CK Framework. EDUCATION AND/OR EXPERIENCE High School Diploma or General Education Degree (GED) required Bachelor's Degree in Information Technology, Security Engineering, or related field preferred 4-6 years of information security monitoring and response related experience required LICENSES AND CERTIFICATIONS CompTIA Security + preferred or CEH - Certified Ethical Hacker preferred or GCIF - GIAC Information Security Fundamentals preferred or SCCP - Systems Security Certified Practitioner preferred or CISA - Certified Information Systems Auditor preferred or CISM - Certified Information Security Manager preferred or CISSP - Certified Information Systems Security Professional preferred or OSCP - Offensive Security Certified Professional preferred or GSE - GIAC Security Expert preferred or PHYSICAL DEMANDS AND WORKING ENVIRONMENT The physical demands and work environment are representative of those that must be met or encountered to successfully perform the essential functions of the job. In compliance with the Americans with Disabilities Act, the company provides reasonable accommodation to qualified individuals with disabilities and encourages both prospective and current employees to discuss potential accommodations with the employer. Dexterity of hands/fingers to operate computer keyboard and mouse - Frequently Lifting - Occasionally (up to 50 lbs) Sitting - Frequently Standing - Occasionally Noise Level - Moderate Typical Work Hours - M-F (8-5) Regular and Predictable Attendance - Required **If you are a current FIB employee, please apply through the Career Worklet in the Employee Portal. First Interstate Bank is an equal opportunity employer committed to a diverse workforce and a barrier-free employment process. Employment is based solely on an individual's merit and qualifications directly related to the position. We do not discriminate on the basis of race, color, religion, national origin, ancestry, pregnancy status, sex, age, marital status, disability, medical condition, or any other characteristics protected by law. We make all reasonable accommodations to meet the obligations set forth under the Americans with Disabilities Act (ADA) and state disability laws. In order to ensure reasonable accommodations for individuals protected by Section 503 of the Rehabilitation Act of 1973, the Vietnam Era Veterans' Readjustment Assistance Act of 1974, and Title I of the Americans with Disabilities Act of 1990, as amended, individuals that require accommodation in the job application process for a posted position may contact us Monday through Friday, 8 am to 5 pm MST at careers@fib.com. All applicants must pass pre-employment screenings including a background check. First Interstate BancSystem participates in E-Verify which will require new employees to verify their identity and employment eligibility through the internet-based system operated by the Social Security Administration (SSA) and the Department of Homeland Security (DHS). E-Verify Notice English or Spanish Right to Work Notice English or Spanish

About the Company

First Interstate Bank

Resume Resources

Free Resume Templates Free Resume Builder