SOC Security Analyst - Senior

Overview:

POSITION OVERVIEW

Fidelity National Financial (FNF) is looking for a Senior SOC Security Analyst to join the Security Operations Center (SOC) team and support threat detection and incident response (IR) for FNF and its subsidiary environments. Transforms security operations, leverages advanced security technologies, automation, and AI to protect one of the leading Title and Escrow providers in the Nation from cyber threats. Utilizes next gen XDR and SIEM capabilities to perform analysis on high fidelity alerts, proactive threat hunting and investigations on complex cyber events.

LOCATION

Jacksonville, FL (HQ) preferred to work a hybrid schedule OR 100% remote

DUTIES & RESPONSIBILITIES

Owns and leads individual incident response activities by analyzing security alerts and coordinating responses. Perform in-depth event review and analysis where appropriate. Analyze events, research the potential cause, and recommend a course of action

Designs modern detective controls for emerging security risks and involved in innovative programs to enhance the firm’s security posture

Hunts for indications of compromise across multiple technology platforms

Continuously improves our alerting use cases and the threat hunting program

Stays updated on the latest security trends, vulnerabilities, and threat actors to continually improve the organizations security posture

Participates in on-call rotation schedule to provide 24/7 coverage for security incidents and emergencies

Documents/generates reports detailing security incidents for security leaders and the business

Conducts postmortem reviews of incident response (IR) activities, to facilitate continuous improvement

Researches security trends with the goal of improving our processes and tools

MINIMUM REQUIREMENTS

Bachelor's degree in computer science or related field

Requires 5 – 7+ years of experience working in a Security Operations role

Threat hunting experience

Familiarity with known cyber security frameworks including NIST and Mitre, ATT&CK, and fundamentals of kill chain analysis

Hands-on working knowledge of SIEM/SOAR/XDR Tools (Cortex XSIAM, Torq, etc.)

PREFERRED EXPERIENCE

Familiarity with the principles of network and endpoint security, current threat, and attack trends, and have working knowledge of security principles such as “defense in depth”

Familiarity with performing security Incident Response (IR) activities in complex organizations, with familiarity of the following: Endpoint Detection and Response (EDR) or Endpoint Forensics, Network Log Analysis, Public Cloud Defense (Azure, AWS, GCP, etc.)

Relevant industry certifications such as CISSP, GIAC, or CEH

Scripting knowledge (Python, PowerShell, etc.)

Forensic knowledge

Ability to assess and prioritize risks associated with alerts and events based on both industry knowledge and organizational context

Excellent analytical and problem-solving skills

Strong communication skills, both spoken and written

Permanent