Senior Security Operations Center Analyst
Business: United Technologies Research Center
Job ID: 40760
Date posted: 08/14/2018
City: Cork
State: Munster
Country: Ireland
United Technologies Corporation (UTC) is a diversified company that provides a broad range of high-technology products and services to the global aerospace and building systems industries. Its commercial businesses are Otis Elevator Company and UTC Climate, Controls & Security, a leading provider of heating, ventilation, air conditioning, fire and security systems, and building automation and controls. The company's aerospace businesses include Pratt & Whitney and UTC Aerospace Systems.
Learn more at www.utc.com
United Technologies Corporate headquarters is seeking an experienced and motivated individual to join the Corporate Digital staff to support the Security Operations group at our Cork, Ireland facility.
The Security Operations Center (SOC) Senior Analyst position is responsible for helping to safeguard the company's assets, intellectual property, and computer systems in support of the company's business objectives. The applicant will be responsible for detecting cyber attacks and escalating or remediating them as necessary. The SOC Analyst works among a team of skilled analysts to address complex or difficult problems as needed within a Cyber Security Fusion Center environment.
The focus of this role is working within the UTC Cybersecurity department, reporting to the Associate Director, Cyber Security and Risk Management, and Lead.
Job responsibilities are:
1. Collect, analyse and enrich event information and perform threat or target analysis duties.
2. Interpret, analyse, and report all events and anomalies in accordance with Computer Network Directives, including initiating, responding to, and reporting discovered events.
3. Manage and execute multi-level responses and address reported or detected incidents.
4. Provide reporting and metrics around security monitoring by designing dashboards for asset owners and management consumption.
5. Coordinate and distribute directives, vulnerability advisories, and threat advisories to identified consumers.
6. Develop focused reporting and briefings on advanced cyber threats and activity for various teams and leaders.
7. Perform deep-dive investigations on complex incidents.
8. Improve the service level for security operations and monitoring. Create and maintain system documentation for security event processing.
9. Act as Subject Matter Expert for analysis functions, providing support on more involved cases and guiding the activity of other analysts through collaboration; act as the lead coordinator for the SOC's response to individual information security incidents.
10. Act as SME and trainer to T1 personnel as needed; mentor security analysts regarding risk management, information security controls, incident analysis, incident response, SIEM monitoring, and other operational tasks in support of technologies managed by the Security Operations Center.
11. Teach other SOC Analysts about both traditional and unconventional ways to detect, analyse, and mitigate security incidents and other anomalies.
12. Regularly recommend new SOC practices and approaches to address program improvement.
13. Ensure security logs are generated, collected, correlated, and monitored.
14. Perform analysis duties, including:
    15. Development of data dictionaries for log sources to confirm which fields and values are needed or useful for security monitoring.
    16. Review of available logs to confirm there are adequate quantities and content to usefully provide security monitoring.
    17. Review of current tooling to identify incremental monitoring opportunities, and communication of needs to the engineering teams that support the SOC.
    18. Triage of SIEM alerts to determine whether each is a false positive, an incident, or a technology misconfiguration.
    19. Research at the request of Incident Response teams.
20. Perform case management activities to ensure successful BAU security monitoring operations, including:
    21. Documenting case activities in the system of record.
    22. Documenting current case notes sufficient for effective shift handover, as well as reviewing current status via phone call or in person.
    23. Engaging in all forms of communication (e.g. phone calls, instant messaging, web page updates) to ensure cases are efficiently investigated by all approved parties, regardless of which company, department, or team they are a member of.
24. Author Standard Operating Procedures (SOPs).
25. Create incident detection "use case" needs, logic, and implementation methods.
26. Create "use case" alert triage workflows.
27. Create training documentation.
Bachelor's Degree in Computer Science, Computer Engineering, Information Security, or related security discipline(s). Master's Degree preferred but not required.
This position is based at UTC Research Center (UTRC) European hub in Cork, Ireland. To be eligible to apply, candidates must be legally entitled to work and reside in Ireland.
Candidates can apply online at http://www.utrc.utc.com/ by selecting Careers in the top left-hand corner and then selecting "SEARCH NON-US JOBS". This brings you to the UTC Aerospace Systems page; select "Ireland" under the country tab on your left-hand side. This will display all open positions at UTRC Ireland.
United Technologies Corporation is An Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability or protected veteran status.
Travel Required: < 10%
Please note your application form may be reviewed by staff members within the United Technologies Corporation Group at their business locations in America, China and Europe. If you do not consent to this please notify us at the application stage or if during the interview process you change your mind, please notify us and we will obtain the information which has been shared with our global offices.