Would you like to be a part of the organisation where high energy meets intellect? If you get excited by solving puzzles and working in a collaborative environment, then Aptean wants to work with you!!
Aptean is a leading global provider of industry-focused, mission-critical enterprise software solutions. Our solutions help nearly 6,500 organizations stay at the forefront of their industries by satisfying their customers and continuing to operate more efficiently. Headquartered in Alpharetta, GA, Aptean has offices in North America, Europe, and India, as well as an extensive Partner Channel. Our customers are located in 74 countries across Europe, Latin America, and North America. Aptean is focused on providing products and solutions to customers in specific verticals. Our products are rich in features and functionality and are delivered through on-premise, SaaS and hybrid delivery models. Aptean’s products deliver value at the lowest total cost of ownership and scale with the needs of our customers. Most of our products and solutions are leaders in the vertical market segments they serve. Aptean uses its core values of Drive For Results, Win Together, Foster Innovation, and Be Courageous to guide its employee community to serve every customer in every geography and market.
Senior Security Analyst
Experience: 5 to 7 years
The Senior Information Systems Analyst is responsible for promoting, encouraging and supporting the safe and secure use of information. You will be part of an innovative and service-orientated team of Security Operations Analysts focused on the investigation and clearance of security alerts, as well as the proactive detection and investigation of potential indicators of compromise or malicious activity on the Organization’s systems. You will be responsible for the escalation and co-ordination of security incidents and will collaborate with stakeholders in the wider security community to ensure an effective response to alerts and risks as they are identified. You will initiate, direct and manage threat hunting activities across the team, ensuring the Organization’s data is used safely, proportionately and legally at all times.
Key Responsibilities and Accountabilities
Work within established security and risk management governance structures, usually under supervision, to support, review and undertake straightforward risk management activities such as:
Helping with the analysis and derivation of business-supporting security needs
Undertaking cyber security related risk assessments, basic threat assessments and other risk management activities
Provide solutions to address identified cyber security related risks by applying a variety of security capabilities, which may include using published guidance, standards or experts as appropriate
Provide solutions to address the effectiveness of risk mitigation measures, including an understanding of how to use different assurance activities (such as a pen test), and make recommendations for improvement
Help risk owners to make decisions that are well informed by good and clear security advice, including contributing to reports or working within established reporting chains in a security team.
Support the shaping of the monitoring strategy, ensuring that the requirements, policies and standards governing all activities and outputs are met
Manage the monitoring, triaging, and investigation of security alerts on protective monitoring platforms to identify security incidents, reviewing analysis of security event data to manage security incident response, reporting, or escalation where appropriate.
Communicate the significance of the results of investigations and risk mitigation outcomes, guiding the organization in the improvement and maintenance of a robust response to new threats and attack vectors
Manage post-incident review, including root cause analysis, to feed back information and so improve monitoring
Provide specialist, tailored advice on mitigation, handling escalations with risk and service owners as appropriate.
Co-ordinate team scene investigation and capture evidence in accordance with legal guidelines to minimize disruption to the business and preserve evidentiary integrity, using specialist equipment as appropriate
Review evidence to identify breaches of policy, regulation or law
Present evidence as appropriate, acting as an expert witness if necessary.
Manage the creation and implementation, and lead the development, of vulnerability assessments for IT estates, including but not limited to application vulnerability assessments and infrastructure vulnerability assessments.
Support the establishment of an appropriate protective security organizational posture to encourage an effective risk-based approach to security across the estate, considering political, economic, social, technological, legal and environmental considerations.
SIEM (Security Information and Event Management) monitoring