We are looking for a motivated and results-oriented Senior Security Analyst to play a pivotal role in safeguarding ZoomInfo’s best in class data assets. This position will support the operational activities of the SOC team, to include monitoring and incident response. As a member of the Cyber Security Operations team, you will influence security policies and standards while also balancing security needs with user experience.

What you will do:

• Respond to escalations from tier 1 and 2 analysts, provide guidance in resolving complex security incidents.
• Contribute to the overall direction and improvement of the SOC.
• Analyze potential security incidents to determine the impact/scope of the incident using forensic analysis and incident response methodologies.
• Knowledge of digital forensics tactics, tools, and techniques to assist in incident resolution.
• Follow and help create Incident Response procedures and playbooks for preliminary log collection, incident investigations, determining root cause, containing the threat, and building protections against future infections.
• Interface and drive response/project work forwards with technical personnel and other teams in the ISO as well as the larger organization as required.
• Follow and help create escalation procedures to counteract and contain potential threats.
• Appropriately inform and advise the SOC and IR Managers on incidents and incident prevention, while helping to coordinate the Analyst Teams while functioning as site/shift lead(s).
• Drive documentation improvements of SOC processes/tools/knowledge based upon observations and feedback from the Analyst Teams.
• Conduct network, endpoint, and log analysis by utilizing various consoles on a regular basis (e.g., SIEM, IPS, firewall, EDR, Advanced malware detection etc.)
• Candidates are expected to help lead interactions with other team members, management, and other IT teams (Workstation, Network, Server, Cloud, etc.)
• Utilize a deep understanding of attack signatures, tactics, techniques, and procedures associated with advanced threats, while using security domain knowledge to improve our defenses/detection mechanisms
• Drive our automation and programmatic improvement of cyber response processes forwards

What you will bring:

• Working knowledge of SIEM, Incident Response, Log Analysis, Triaging, Cyber Threat intelligence, and automation solutions.
• Bachelor's degree in IT, InfoSec, Computer Science, or a related discipline.
• 4+ years working in Cyber Security Operations, with preferably 2+ years working in the higher tiers of SOC in a Cloud environment (AWS, GCP, Azure)
• Excellent oral and written communication skills with the ability to deliver accurate and concise information to stakeholders across the organization.
• Advanced and in-depth problem-solving & analytical skills demonstrated in an IT or security related area, preferable in a SOC/IR environment.
• Demonstrates passion about the information security field and cyber defense, including commitment to training, self-study, and maintaining proficiency in technical skills and knowledge.
• Demonstrates an understanding of IT and Cloud security practices and tools.
• Scripting background (Python, Perl, bash, etc.)
• Experience with Splunk Enterprise Security - advantage

Nice to have

• IT Security certifications (e.g., Security+, GSEC, GCIH, GMON, GCTI, GNFA, GCWN, GREM, OSCP, other advanced cyber security certifications, etc.)
• Innovative and willing to raise unique/original ideas.
• Prior work with malware labs/sandboxes is a major plus.
• Demonstrates a strong proficiency with endpoint, networking, and server operations.

#LI-MH

#LI-Hybrid