[Hiring] Senior SOC Analyst - Incident Response @Edwards Lifesciences

Role Description

As an Edwards Sr. Analyst, Incident Response for Information Security, you will contribute to protecting Edwards organization, applications, and products by:

• Responding to security threats
• Designing and implementing detection use cases and threat hunts
• Managing log sources onboarding

This role is a vital part of our 24x7 Incident Detection and Response team to help protect Edwards.

How will you make an impact:

• Serve as key escalation tier (level 2 analyst) for on-call incident response resources
• Perform complex investigations as part of Edwards active security monitoring and threat hunting operations within SLAs
• Drive and design response and remediation actions to protect against security threats in Edwards environments and products
• Lead data ingestion efforts from identifying gaps, onboarding data sources, tuning and correlating them
• Lead the design, testing, and implementation of detection use cases to production
• Help drive threat hunting program
• Responsible for operations and maintenance of key cyber security capabilities and services in Detection Response area – SIEM (Google SecOps, Splunk, Qradar etc), Log Collectors (WEF, Cribl, NXLog etc)
• Design automation workflows to streamline detection and response efforts
• As needed, participate in CIRT team efforts
• Provide coaching, mentoring, and knowledge transfer to other team members
• Document and maintain incident response technical playbooks and incident timelines
• Stay informed on the evolving cybersecurity threat landscape to drive innovative detections, threat hunts, and automations to drive Edwards’ security posture

Qualifications

• Bachelor's Degree in related field
• At least 4 years of experience in Information Security SOC, CIRT or SIEM teams

Requirements

• Participation and leading information security incident handling efforts
• Provide and build detailed investigation timelines including documentation, improvements, and recommended action items
• Expert with Google SecOps or other SIEM solutions (Splunk, Qradar etc)
• Expert with log collectors' management (WEF, Cribl, NXLog etc), parsing experience
• Experience with SOAR platforms operations (Torq, PaloAlto XSOAR etc)
• Experience with threat hunting operations and/or design
• Certifications in related discipline preferred (e.g., CEH, CISM, CISSP)
• Expert of IR concepts, data tuning, SIEM, forensics, cloud monitoring
• Knowledge of common attack vectors and methods, MITRE framework
• Scripting experience preferred
• Proficient analytical and problem-solving abilities to identify and mitigate potential security risks
• Strict attention to detail
• Ability to partner with other information security and IT experts for escalation of security alerts and onboarding log sources
• Substantial understanding of troubleshooting techniques with the ability to adapt and learn new technologies
• Ability to provide guidance to assigned teams on implementing information security standards and designs
• Excellent organization and time management skills
• Excellent verbal and written communication skills

Benefits

• Competitive salaries
• Performance-based incentives
• A wide variety of benefits programs to address the diverse individual needs of our employees and their families

Company Description

For Poland, the base pay range for this position is 150,000 zł - 213,000 zł (highly experienced). The pay for the successful candidate will depend on various factors (e.g., qualifications, education, prior experience).