Senior Security Specialist - Threat Management

Overview

Information Security Senior Specialist - IS07EE

The Hartfords Information Protection (THIP) organization is seeking an experienced IT security professional to join a high-performing team responsible for governing, managing and delivering our companys cybersecurity defenses. As a Sr. Security Specialist, the selected candidate will have the opportunity to influence the strategic direction of our companys cyber security programs by providing thought leadership, professional support, and valued contributions to a range of activities. Ideal candidates will have strong technical skills across various security technologies, working knowledge of security incident response protocols, monitoring security technologies in an enterprise environment and an awareness of emerging cyber threats and trends.

This role within our Threat Management team will provide level 2 and level 3 Security Operations Center (SOC) and incident response escalation support for The Hartfords Incident Response (IR) team including threat hunting responsibilities. The candidate will collaborate and have significant interaction with The Hartfords SOC. This position plays a critical role in detecting and responding to potential security incidents while helping to improve The Hartfords incident response capabilities.

This position is responsible for performing day to day detection, triaging and responding to security incidents leveraging Hartford security information and event management technologies (SIEM). Specifically, this role has responsibilities for:

Responsibilities

Reviewing the on premise SIEM platform daily to detect potential security events, primarily to review, vet and triage L1 escalated events.

Providing support during standard business hours, as well as participating in a rotational, 24/7 on-call escalation schedule.

Perform analysis of logged security correlations and of event data from next-gen firewalls, endpoint security, packet capture, web proxies and other network and security technologies. Performing triage and investigation on incidents to determine risk level and remediation.

Review sourced vendor threat intelligence reports and conduct hunts in relevant technologies.

Using enterprise security technologies to continuously monitor the companys assets, conduct technical analysis of network traffic to identify anomalies and taking actions to respond to potential vulnerabilities and threats.

Escalation of priority incidents to infrastructure, security, and other internal teams as necessary.

Providing input to improve detection content and supporting the overall monitoring, detecting and cybersecurity incident response activities.

Identifying incidents through proactive hunting analysis of security-relevant data sets.

Taking an active role in supporting broader Security Incident Response protocols, including partnering with other technology areas to respond and recover in a coordinated and timely manner.

This role will have a Hybrid work schedule, with the expectation of working in an office (Hartford, CT or Charlotte, NC) 3 days a week (Tuesday through Thursday).

Qualifications

3+ years of work experience in Information Security and Threat Management disciplines

4+ years in similar technical roles, such as those working with networking, client and server management.

Experience in monitoring hybrid cloud environments is desired. (AWS, GCP, Azure, Microsoft M365)

Experience in NGAV and EDR tooling (Carbon Black / CrowdStrike / SentinelOne / MS Defender)

Experience writing search queries and navigating current and modern SIEM technologies

Experience using/querying TIPs (Threat Intelligence Platforms).

Knowledge of attack vectors (malware, web application, social engineering, etc.)

Understanding of behavior and capabilities of malware and identifying indicators of compromise and usage of sandboxing technologies or services.

Knowledge of various security methodologies and processes, and technical security solutions (firewall, packet analysis, SIEM, endpoint detection and response and intrusion detection systems)

Demonstrated experience in effectively partnering across organizational teams, working collaboratively with professionals that support end-user services, network technologies, cloud computing, infrastructure, and applications.

An ability to identify and assess the severity and potential impact of threats and communicate assessment findings in a way that consistently drives objective, fact-based decisions.

Strong decision-making capabilities with a proven ability to weigh relative business impacts against the importance of security measures.

A willingness to continuously learn and develop skills commensurate to this role and other potential growth opportunities within and across the organization.

Industry recognized certifications: ISC2, GIAC, ISACA certifications are preferred.

College degree in Computer Science, Information Security, Engineering, related field, or equivalent experience.

Candidate must be authorized to work in the US without company sponsorship. The company will not support the STEM OPT I-983 Training Plan endorsement for this position.

Compensation

The listed annualized base pay range is primarily based on analysis of similar positions in the external market. Actual base pay could vary and may be above or below the listed range based on factors including but not limited to performance, proficiency and demonstration of competencies required for the role. The base pay is just one component of The Hartfords total compensation package for employees. Other rewards may include short-term or annual bonuses, long-term incentives, and on-the-spot recognition. The annualized base pay range for this role is: $116,400 - $174,600

Equal Opportunity Employer/Sex/Race/Color/Veterans/Disability/Sexual Orientation/Gender Identity or Expression/Religion/Age #J-18808-Ljbffr