
Security Operations Center (SOC) Analyst

at Alight Solutions LLC in Lincolnshire, Illinois, United States

Job Description

Our story
At Alight, we believe a company's success starts with its people. At our core, we Champion People, help our colleagues Grow with Purpose and, true to our name, we encourage colleagues to "Be Alight."

Our Values:
Champion People - be empathetic and help create a place where everyone belongs.
Grow with purpose - Be inspired by our higher calling of improving lives.
Be Alight - act with integrity, be real and empower others.

It's why we're so driven to connect passion with purpose. Our team's expertise in human insights and cloud technology gives companies and employees around the world the ability to power confident decisions, for life.

With a comprehensive total rewards package, continuing education and training, and tremendous potential with a growing global organization, Alight is the perfect place to put your passion to work.

Join our team if you Champion People, want to Grow with Purpose through acting with integrity and if you embody the meaning of Be Alight.

Learn more at careers.alight.com.

The Alight Global Security Operations team is seeking an experienced Security Operations Center Analyst. This role will require the right colleague to serve as a tactical and operational technical resource and to provide awareness of, and response to security incidents. In addition, this role will require the utilization and integration of threat intelligence to proactively hunt for and address threats and trends in direct partnership with Alight's business and technology organizations. You will also be expected to promote team spirit and enthusiasm, dispelling negativity, maintaining ongoing open dialog, and fostering ideas and talents of others.

This role is assigned to our evening shift, 3 pm - 11 pm CST, and offers 10% Shift Differential Pay.

As a Security Operations Center Analyst, a typical day will include the following:

Work as part of a team of Information Security professionals supporting a global enterprise.
Triage and respond to information security incidents reported via the SIEM (Microsoft Sentinel), the ticketing system (ServiceNow), and other sources.
Perform root cause analysis, document findings and collaborate with technology/process owners to prevent future occurrences.
Research, analyze and understand log sources originating from security and networking devices such as firewalls, routers, proxies, anti-virus products, and operating systems.
Automate manual processes via scripting and utilization of various tools and platforms.
Perform raw data review in an effort to identify malicious activity for which signatures/content do not exist. Assist with the development of new content and tuning/filtering of existing content for SIEM, IDS/IPS, and other security technologies.
Assist management in ensuring the team is executing on core responsibilities such as working incidents through to completion, ticket queue maintenance, keeping documentation evergreen, training requirements, etc.
Work with management to define/update standard operating procedures and response plans.
Serve as an escalation point for security incidents.
Manage or contribute to projects that directly correspond to the maturity and/or capabilities of the Security Operations team.

Qualifications

Direct involvement with Microsoft Azure Sentinel, the Microsoft Threat Protection suite of security solutions (Defender ATP, Azure ATP, Office 365 ATP, Microsoft Cloud Application Security), Azure Active Directory, Azure Security Center, Azure Log Analytics, Azure Data Exchange and the M365 suite of solutions.
Hands-on experience with the following:
Develop, automate, and orchestrate tasks (playbooks) with Logic Apps, triggered by specific events.
Configure Sentinel incidents, workbooks, hunting queries, and notebooks.
Kusto Query Language (KQL).
Knowledge of computer networking: TCP/IP, routing and protocols.
Knowledge of packet structure and previous experience performing in-depth packet analysis.
Knowledge of Incident Response methodologies and information security best practices/technologies. GCIH, GCIA, CISSP or equivalent knowledge/experience required.
Knowledge regarding the administration, use, securing and exploitation of common operating systems.
Minimum of 2 years' experience utilizing HIDS/NIDS, SIEM, anti-virus, packet capture tools, and host-based analysis technologies in a security analyst capacity, preferably within a 24x7x365 operations environment.
Must be... For full info follow application link.

Alight Solutions provides equal employment opportunities (EEO) to all employees and applicants for employment without regard to race, color, religion, creed, sex, sexual orientation, gender identity, national origin, age, disability, genetic information, pregnancy, childbirth or related medical condition, veteran, marital, parental, citizenship, or domestic partner status, or any other status protected by applicable national, federal, state or local law. Alight Solutions is committed to a diverse workforce and is an


Job Posting: 11956469

Posted On: Jun 06, 2024

Updated On: Jul 03, 2024
