Associate Analyst, IT Security Monitoring (Phoenix, AZ, US)
Location: Regents Centre North (PHX-52N1)
Additional Locations: None
Requisition ID: 29135
Overview
Join us for a career with endless possibilities.
Looking for a job where a passion for innovation, a culture of teamwork, and opportunities for growth are valued and rewarded? You’ve come to the right place.
You don’t have to be an airline aficionado to join American Airlines. It takes more than cool planes to keep us ahead of the curve, and thanks to our team of behind-the-scenes professionals, we do just that. As the largest airline in the world, American Airlines is in the business of serving the global travel needs of our customers. At the core of the Company is our commitment to each customer and each employee. We are dedicated to developing and delivering what our customers value and are willing to pay for. Customer-centric planning, innovative marketing, and an exceptional customer experience are supported by a cadre of talented people.
What does it take to join us? We’re glad you asked! We expect exceptional skills in your discipline and a dedication to being the best as we relentlessly pursue our goal of being not just the largest airline in the world, but also the best airline in the world.
Fortunately, we’re building on almost a century of innovation and firsts in our industry – and we plan to continue that tradition of excellence.
About The Job
This job is a member of the Information Security Team, within the Information Technology Division. The first-level CSARC (Cyber Security Analysis & Response Center) Analyst is responsible for the detailed and repeatable execution of all daily operational tasks as documented in processes and procedures. Specifically, the first-level Analyst will be responsible for timely monitoring, review, research and analysis of security events coming into the various CSARC channels (mailboxes, phone line, SIEM, etc.). They will also be responsible for updating relevant documentation (tickets, shift logs, etc.), and closing and/or escalating events, as necessary.
Specifically, you’ll do the following:
- Rapidly identifies, categorizes, prioritizes, and investigates events using all available CSARC log sources.
- Monitors incoming event queues for potential security incidents according to established operational procedures
- Performs initial investigation and triage of potential incidents, and escalates or closes events, as applicable.
- Monitors CSARC ticket (and email) queue for potential event reporting from outside entities and individual users
- Maintains CSARC shift logs with relevant activity
- Documents investigation results, ensuring relevant details are passed to second-level team members for final event analysis
- Updates/references CSARC collaboration tool, as necessary, for changes to process and procedure, ingestion of daily intelligence reports, and previous shift logs
- Collaborates with other CSARC teams on security research and intelligence gathering
- Works a flexible schedule, including nights and weekends, as needed to support the CSARC operation
Qualifications
Required Qualifications
- High School Diploma
- 1 year of Information Security experience
- Information Security Certification such as: Security+, CISSP, CISM, CISA, CEH, GCIH, GCIA, GCFA, GREM
- Experience monitoring services across multiple platforms
- Ability to work independently and manage one’s time to meet commitments and expectations
- Ability to remain organized and adapt to unexpected events, new facts, and rapidly changing circumstances
- Ability to thrive in a sense-of-urgency environment and leverage best practices
- Ability to effectively diagnose an issue and recommend a solution
- Ability to be flexible and focused to deliver products with different priorities and timelines
- Ability to build and maintain effective relationships with team members, customers, and external groups, as well as working in a collaborative environment with geographically dispersed resources
Preferred Qualifications
- Bachelor’s degree in Computer Science, Computer Engineering, Technology, Information Systems (CIS/MIS), Engineering or related technical discipline, or equivalent experience/training
- 3 years of Information Technology experience
- 1+ years of Cyber Security (SOC) experience
- Ability to communicate effectively, both verbally and in writing, with all levels within the organization
- Ability to explain technical concepts and adjust messaging based on the audience, including non-technical groups
- Ability to influence through outstanding interpersonal skills, collaboration, and negotiation skills
- Ability to work well within a team environment, as well as independently