The ideal candidate for this position possesses the skills to plan, maintain, and continuously improve Univision's Information Security Operations. This position is based in Miami, FL and will report directly to the Director of Information Security. The candidate will be required to interface with internal management, customers, employees and consultants, across multiple clients and industries, to perform the required technical monitoring activities.
Responsibilities will include analyzing, resolving or escalating security events, identifying apparent attacks, breaches, or other pertinent data points that indicate atypical network traffic flow or user behavior, as well as correlating event data to produce baselines and generate alerts. Responsibilities also include maintenance of security threat feeds received from industry sources and peers. Ability to understand computer forensic basics, as well as virus/malware etymology, is a requirement. The candidate may on occasion be asked to analyze and document complex 0-day security threats that pose a risk to the organization.
SOC growth and/or automation development is expected over the next year, and thus the candidate must possess both strategic and technical capabilities to help drive and lead this growth. Potential candidate must be able to recognize network, operating system and intrusion detection security risks.
Documentation of standards and procedures, continued development and ongoing maintenance of the SOC run book is required.
Candidate will be a focal point to the organization to provide guidance and awareness of security solutions and requirement definitions. In addition, metrics on capacity, security controls, baseline deviations, event classifications, etc. are to be reported on a weekly basis.
Candidate will function as an escalation point for issues assigned to the Information Security team that cannot be addressed directly by junior engineers. Must have a fundamental understanding in a technical capacity of cybersecurity tools and systems such as SIEM, Firewalls, IDS, Web Proxy, Multi-Factor Authentication systems, NAC, etc., as well as the management ability to drive projects.
Engagement in cross-departmental communication and collaboration is expected to ensure that appropriate processes are followed, and that any cyber-security tools and configurations are correctly implemented, monitored, and operating/alerting effectively. Direct vendor engagement is required to drive security operational capabilities and enhancements as needed.
Situational awareness and communications are critical to this role. This position will be a core member of Univision's Incident Response Team, and is expected to engage and assist other departments as needed in the event of an incident.
Other expectations include implementing various information security improvement and growth projects, assisting with administrative support for InfoSec systems, and providing forensic support for eDiscovery when required.
Required Skills & Experience:
BS or MS Degree in Computer Science, Electrical Engineering, or related technical and applicable degree along with experience.
CISSP, CompTIA Security+ Certified or similar certifications.
Knowledge of standard hacking methodologies.
3+ years related experience.
Good oral and written communication skills; strong presentation skills preferred.
In-depth knowledge of cyber-security systems and operations, network and data security basics, and protocol
Ability to work with both technical and non-technical teams and individuals.
Ability to manage projects in addition to standard operating workloads.
Desired Skills & Experience:
Experience with a wide variety of modern SIEM technologies (e.g. LogRhythm, HP ArcSight, or Splunk) with regards to data correlation, and automation of manual processes related to audit and compliance.
Experience as part of a security operations team and day-to-day activities relating to security
Experience with vulnerability scanning and penetration testing and reporting
Experience with programming and scripting languages.
Knowledge of SQL database queries and concepts, as well as familiarity with regular expressions (REGEX).
Prior use of CMDB and Ticketing systems.