Senior Security Monitoring and Response Analyst

Job Description

Our PurposeWe work to connect and power an inclusive, digital economy that benefits everyone, everywhere by making transactions safe, simple, smart and accessible. Using secure data and networks, partnerships and passion, our innovations and solutions help individuals, financial institutions, governments and businesses realize their greatest potential. Our decency quotient, or DQ, drives our culture and everything we do inside and outside of our company. We cultivate a culture of inclusion for all employees that respects their individual strengths, views, and experiences. We believe that our differences enable us to be a better team one that makes better decisions, drives innovation and delivers better business results.Job TitleSenior Security Monitoring and Response Analyst The Emerging Corporate Security Solutions Implementations (ECSSI) team is looking for a senior analyst to join us in establishing monitoring and response tools, capabilities, logging, and alerting for cloud platforms and workloads. This role will be responsible for identifying and configuring solutions that enable our Security Operations Center (SOC) and other security teams to protect our cloud workloads from threats and respond to cloud incidents and events.Cloud platforms such as Azure and AWS contain a slew of native tools and capabilities that our Corporate Security teams can leverage to ensure we are protected and alerted to potential security incidents. This is where you come in. We are looking for a cloud security Rockstar who has experience with cloud platforms and cloud security tools to identify what solutions we should implement, how to configure those solutions, and how to operationalize outputs from those tools into meaningful logging, alerting, monitoring, and response capabilities for our SOC. You would be a member of a highly technical team who is responsible for identifying and implementing new tools and capabilities to secure our assets. tCan you demonstrate a good working level of knowledge in cybersecurity best practices, tools and solutions tCan you provide thought leadership on how to configure and implement security tools, logging, and alerting from cloud platforms like Azure and AWS tCan you configure those same tools via CI/CD pipelining tools like Chef, Ansible, Jenkins, and Terraform tCan you demonstrate technical proficiency in configuring technical policies and configurations for cloud-based Intrusion prevention, host anti-malware, data loss prevention, SIEMs, orchestration tools, and other security capabilities tCan you demonstrate successful cross-functional influence and partnership to enable business through technical decisions Responsibilities tConvert business and functional requirements into technical security policies, configurations, and processes for our internal customers. tConsult with internal customers to determine security capability gaps, opportunities for improvements, and other solution needs. tPlan and manage a group of related technology projects or activities in a coordinated way from inception through successful delivery tDevelop a deep understanding of the design approaches and technologies utilized for security in the cloud. tFocus on the customer experience, then build and delivery tools, capabilities, and/or processes to solve problems. tUnderstand the needs of the support and technical operations teams who have maintain and operate the system for the life of the system and provide solutions that meet their needs. tWrite documentation as required tCommunicate role up of project issues and status in a concise, accurate, and professional manner for senior leadership consumption, escalating blocking issues when appropriate tCommunicate progress, anticipate bottlenecks, provide escalation management, identify, assess, track and mitigate issues/risks at multiple levelsAll About You: tCloud Security and/or cloud platform certification desired. tIndustry recognized security certifications desired (GIAC, CISSP, etc) tPrevious experience working in a Security Operations Center or similar role a plus. tAdvanced knowledge of security capabilities/tools/solutions and constraints related to native Azure and AWS services, including relevant practical experience. tExperience with configuring logging ingestion from cloud platforms such as AWS and Azure to cloud based SIEM and orchestration tools. tGood understanding of continuous delivery/continuous integration (CI/CD) processes that follow Secure by Design principles tExperience working with APIs desired. tSIEM administration experience a plus. tGood understanding of firewalls, threat prevention and detection, and application security principles, both cloud-platform native and third party. tStrong technical writing and documentation skills. tA proven track record of transferring knowledge and management of tools to internal customers outside of your immediate team. tStrong interpersonal, communication, and presentation skills necessary for interaction with business leaders and teams across all levels of the organizationDue to COVID-19, most of our employees are working from home. We ve implemented a virtual hiring process and continue to interview candidates by phone or video and are onboarding new hires remotely. We value the safety of each member of our community because we know we re all in this together.Mastercard is an inclusive Equal Employment Opportunity employer that considers applicants without regard to gender, gender identity, sexual orientation, race, ethnicity, disabled or veteran status, or any other characteristic protected by law. If you require accommodations or assistance to complete the online application process, please contact reasonable.accommodationmastercard.com and identify the type of accommodation or assistance you are requesting. Do not include any medical or health information in this email. The Reasonable Accommodations team will respond to your email promptly.,

Keyskills :
data loss preventionsecurity operations centerequal employment opportunitynew hirescloud securitysecurity toolsloss preventiondigital economytechnical writingcorporate securitythought leadershipbehavioral training