Saab, Inc. · 2 months ago
Information Security Operations Analyst
Saab, Inc. is a leading defense and security company committed to keeping people and society safe. The Information Security Operations Analyst will be responsible for protecting the IT infrastructure by identifying security risks, implementing security protocols, and ensuring compliance with regulations.
Defense & Space
Responsibilities
Serve as a key member of the incident response team, leading the investigation and containment of security incidents, performing root cause analysis, and developing remediation plans
Manage and optimize our Microsoft security platforms, including Microsoft Sentinel, Microsoft 365 Defender (Endpoint, Identity, Cloud Apps), and Azure Security Center
Monitor and report on adherence to security policies, procedures, and controls. Assist with tracking compliance across various security frameworks (e.g., NIST, ISO 27001, CMMC)
Conduct information security risk assessments to identify vulnerabilities, assess potential impact, and recommend corrective actions to mitigate risk
Proactively hunt for security threats and vulnerabilities by analyzing security events, logs, and network traffic
Assist in the development, documentation, and continuous improvement of security standards, policies, and incident response playbooks
Help deliver security awareness training and communicate security best practices to both technical and non-technical stakeholders
Qualifications
Required
Extensive experience with Microsoft's security ecosystem, including Sentinel, Microsoft 365 Defender suite, and Azure Security Center
Proficiency in Kusto Query Language (KQL) for threat hunting and data analysis is highly desirable
Comfortable scripting or automating tasks using Python, PowerShell, Bash, etc.
Strong understanding of security information and event management (SIEM) tools
Knowledge of network security protocols and technologies (e.g., firewalls, intrusion detection/prevention systems)
Experience leading or mentoring junior analysts or working in cross-functional teams
Excellent written and verbal communication skills
Strong analytical and critical-thinking abilities with keen attention to detail
Ability to work both independently and collaboratively in a fast-paced environment
Must be a U.S. citizen
Candidates will be required to pass a pre-employment drug screen
Preferred
Relevant industry certifications such as Microsoft Certified: Security Operations Analyst Associate (SC-200), CompTIA Security+, GIAC certifications, or CISSP are preferred
Benefits
Medical, vision, and dental insurance for employees and dependents
Generous paid time off, including 8 designated holidays
401(k) with employer contributions
Tuition assistance and student loan assistance
Wellness and employee assistance resources
Employee stock purchase opportunities
Short-term and long-term disability coverage