Sr. Lead Cybersecurity Analyst_
Atlanta
Overview
Welcome to the Cybersecurity Incident Response & Operations team (CSIRT) at Chick-fil-A. We are a dedicated group focused on identifying and responding to cyber threats against our organization. As a Senior Lead Cybersecurity Analyst, you will apply your technical experience to help build and maintain capabilities around monitoring, detecting, and responding to cybersecurity threats, serving as a technical lead and subject matter expert on the team, and helping shape our team's efforts across the business.
Our Flexible Future model offers a healthy mix of working in person and virtually, strengthening key elements of the Chick-fil-A culture by fostering collaboration and community.
Responsibilities
+ Triage and respond to security events and incidents from various sources, primarily coordinating with your peers through our SOAR platform.
+ Partner with groups outside of Cybersecurity on triage and response efforts as needed for security events and incidents.
+ Identify and propose new technologies, methodologies, and/or approaches to detecting malicious activity.
+ Collaborate with peers on threat hunting and data analytics strategy and capabilities.
+ Contribute to the maintenance of a SIEM solution through defect fixes, content updates, and new use-case development.
+ Contribute to the maintenance of a SOAR solution through content updates and new use-case development.
+ Contribute to the maintenance of anti-phishing preventative platforms through new detection and triage rule development.
+ Collaborate with external security partners on detection and response to cyber threats.
+ Research threat landscape and trends to adapt our capabilities to keep pace with malicious actors.
+ Provide investigation findings to relevant business units to help improve cybersecurity posture.
+ Identify and conduct operational intelligence analysis to identify process and capability improvement opportunities for the CSIRT team.
+ Represent CSIRT team’s perspective and objectives in consultant-like collaborative efforts with Cybersecurity peers and colleagues in DTT.
+ Participate in threat modeling collaboration with other members of the cybersecurity team.
Minimum Qualifications
+ Strong understanding of cybersecurity principles, practices, and technologies.
+ Proficiency in using security tools such as SIEM (Security Information and Event Management), SOAR (Security Orchestration, Automation, and Response), and anti-phishing platforms.
+ Experience in threat hunting, incident response, and forensic analysis.
+ Knowledge of networking protocols, operating systems, and cloud environments.
+ Familiarity with programming languages like Python, PowerShell, or scripting for automation.
+ Ability to analyze security events, incidents, and trends to identify threats and vulnerabilities.
+ Strong problem-solving skills to investigate and resolve complex cybersecurity issues.
+ Aptitude for researching and staying updated on the latest cybersecurity threats and trends.
+ Strong communication skills to articulate technical concepts to non-technical stakeholders and present findings to business units.
+ Flexibility to adapt to evolving cybersecurity threats and technologies.
Preferred Qualifications
+ Experience with Palo Alto Cortex XSOAR
+ Experience with Splunk Enterprise Security
+ Experience with Sublime Security
+ Experience with DataDog
+ Experience with AWS Cloud Services
+ Experience detecting and responding to threats in Kubernetes environments.
+ OSCP, GSEC, GCED, GCIH, CISSP, GMON
Minimum Years of Experience
5
Required Level of Education
High School
Preferred Level of Education
Bachelor's Degree
Job FunctionInformation Technology
Position TypeExperienced Professionals
Requisition ID2024-16998
Posting Location : LocationUS-GA-Atlanta