Senior Security AnalystCarnaxide, LisbonHybrid, home & Office.Overview:As part of the CISO organization, this role will work closely with R&D, Manufacturing, IT, and other areas of the business to detect, analyze, contain, eradicate, and recover from cyber security events. Configures and manages tools supporting the Security Operations Center such as SIEM, EDR, vulnerability management, penetration testing, email hygiene solutions, and security forensics tools. Analyzes security events and provides advanced handling of escalated security issues. Responds to potential incidents as a member of the incident response team. Recommends and implements changes to security tools and procedures to enhance and automate SOC operations. Remains informed and aware of security threats and events across the industry.Will help mentor and educate peers and business partners on security best practices, technologies, and on new and emerging threats. Demonstrable communication skills, both written and verbally.Responsibilities:Monitors, triage, and respond to security events. Conduct security forensics to aid in the collection, analysis, and reporting of incidents.Conduct security assessments through vulnerability testing, risk analysis, and reporting.Conduct penetration testing on networks, computers, web-based applications, and other systems to detect exploitable vulnerabilities.Monitor security configurations for cloud resources including Office 365, Azure, and Amazon Web Services.Perform both internal and external security audits.Perform third party, vendor, and internal risk assessments.Participate as a member of the Computer Security Incident Response Team (CSIRT) providing investigation and analysis of security events.Assess and review security tools, configurations, and controls to identify opportunities for improvement.Perform process and control walkthroughs and document control narratives.Assist in the ongoing maintenance and process improvements of compliance programsMonitors security bulletins, alerts, and threat feeds for relevant threats.Maintain clear communications, documentation, and timely support for security policy and compliance activities.Occasional after hours and weekend work to perform tasks that cannot be done during business hours.Qualifications:Bachelor’s degree (B.A./B.S.) or equivalent in computer science or equivalent discipline from an accredited college or university required5+ years of experience in IT required2-5 years of experience in a security role or experience with security and networking hardware and software, including at least two years’ experience within a globally distributed networkRelevant information security and privacy certifications preferred, such as GCIH, GNFA, GCFE, GCFA, GSEC, or Security+Proven technical abilities administering host operating systems including Microsoft Windows, Mac, and LinuxExperience with Intrusion Detections, Network Forensics, and security technologiesExperience with cloud solutions such as Azure and AWS#LI-GA1#LI-Hybrid“This position requires direct or indirect access to certain confidential information, hardware, software, technology, or technical information (referred to here as “Export-Controlled Information”) controlled under the U.S. International Traffic in Arms Regulations (ITAR) and/or the U.S. Export Administration Regulations (EAR). All personnel in this position must be eligible to or be able to obtain authorization from the appropriate agency to access applicable Export-Controlled Information. The U.S. Department of Commerce currently requires a foreign person with a most recent citizenship or permanent residency of Sudan, Ukraine, or a country currently designated in Country Group D:1, E:1 or E:2 (Supplement No. 1 to Part 740, Title 15) to have an export control license to access our Export-Controlled Information, unless they meet certain exemptions provided under U.S. export control laws and regulations. The list of applicable countries in Country Group D:1, E:1 or E:2 may be updated by the U.S. government from time to time. The current processing time for an export control license is approximately 4 to 6 months. Your employment or engagement with Infinera shall be contingent on verifying your eligibility or requirement for obtaining a necessary license and/or authorization from the appropriate agency. You will be required to provide certain information for export control compliance assessment purposes, and your information will be reviewed by Infinera's hiring and export control teams to ensure compliance with the U.S. export control laws and regulations. Infinera will collect necessary documents (such as proof of citizenship etc.) to assess license/authorization requirements if you are offered and accept the position.”Infinera is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, sex, color, religion, sexual orientation, gender identity, national origin, disability status, protected veteran status, or any other characteristic protected by law. Infinera complies with all applicable state and local laws governing nondiscrimination in employment.
View Original Job Posting