We're looking for a Senior Cyber Incident Response Analyst to help us restructure and maintain our cybersecurity incident response and security operations processes. You'll be working on assessing our current processes around cybersecurity incident response and security operations, recommending and implementing changes, overseeing the processes, and leading incident response and operational activities. While based in our Belgium office (post COVID-19) or remotely across Belgium (in accordance with Hootsuite's local employment entities), you will report to the Director, Information Security.
WHAT YOU'LL DO:
- Oversee the incident response and security operations processes, providing advice and guidance in proactive threat hunting and remediation activities.
- Take ownership of, and lead, the Security Incident Response process, with support from the Director of Information Security.
- Develop and maintain processes and procedures for responding to security incidents.
- Participate in the security incident response on-call rotation (24x7 rotation) and respond to threats by neutralizing and documenting them.
- Ensure logs and alerts are available from various security applications and sensors; correlate logs and use threat hunting tools to identify anomalous activity and potential threats.
- Manage and support security technologies related to the detection and response of security incidents (e.g., GuardDuty, PagerDuty, SIEM, etc.).
- Work closely with other security teams to develop tools to aid and enhance the incident response process.
- Set up new alerting and act as an advisor to developers and operations teams.
- Keep up with the security threat landscape and provide recommendations to address the latest threats.
- Ensure the incident response process abides by the compliance requirements set forward by the Governance, Risk & Compliance (GRC) teams.
- Monitor and respond to security submissions by external security researchers.
- Conduct penetration testing as required by the GRC team.
- Create and modify Information Security policies related to incident response.
- Mentor, train, and provide feedback to other analysts to advance their skills and enable new ways of monitoring and detecting threats.
- Capture cybersecurity metrics in direct support of executive-level briefings.
WHAT YOU'LL NEED:
- Degree or Diploma in Computer Science or Engineering, along with cloud engineering certifications or willingness to obtain them.
- Established experience in a similar role to SOC Manager or Sr. Incident Response Analyst, and professional experience in one or more of the following roles: System Architect, Sr. System Administrator; experience with incident management, change management and service request processes and tools, such as ticketing systems and security incident and event management (SIEM) tools.
- Experience in maintaining and troubleshooting day-to-day operational processes, such as report generation, data verification, and data correlation.
- Experience working in a SaaS environment; exposure to mobile application platforms is preferred.
- Security certifications (e.g., CEH, OSCP, CISSP) are considered an asset.
- Strong knowledge of systems and computer networks, along with familiarity with TCP/IP concepts, such as IP addressing schema, SMTP, HTTP, HTTPS, FTP, DNS, etc.
- Should have knowledge of OS environments such as Windows 7, Windows 10, Apple Mac, Linux, server-based OSs, etc.
- Understanding of and exposure to security tools such as firewalls, IDS/IPS, A/V, anti-spam, content management, server and network device hardening, etc.
- Ability to run tools such as nslookup, netstat, nmap, BurpSuite, etc., and to review and accurately interpret network logs.
- Familiarity with application programming languages is a definite advantage.
WHO YOU ARE:
- Accountability: holds self and others accountable to meet commitments.
- Creativity and Innovation: seeks new and better ways of doing things; generates original and imaginative ideas, products, or solutions.
- Customer Focus: demonstrates a desire to proactively help and serve internal/external customers to meet their needs.
- Perseverance: pursues everything with energy, drive, and a need to finish; doesn't give up.
- Priority Setting: focuses time/energy on the most critical issues/opportunities. Clearly understands how to assess the importance of tasks and decisions.
Share our values:
- Tenacious. You are determined to succeed, and you are motivated by the success of customers, colleagues, and the community.
- Curious. You are always learning and seeking ways to make things better.
- Conscientious. You keep your promises, taking your commitments to others seriously, and have strong integrity.
- Humble. You lead with humility and empathy, respecting and learning from the perspectives of others.
We champion the power of human connection. We're united globally by our shared values of innovation, grit, humility, and passion for customer success.
Make an impact:
Working at the speed of social, we create value for our customers by delivering solutions that power relationships at scale. Our pace of work enables fast learning and fosters an environment where you can stretch yourself and make an impact.
Learn and grow:
We're committed to growing the capabilities of our people. We are building a learning community where you can work with diverse individuals, explore new ways of thinking, and expand your capabilities. Our employees are teachers and learners who work out loud and share their knowledge to enhance each other's growth.
We are dedicated to building a diverse community, one where employees feel a sense of belonging, and are valued for their contributions and the perspectives they bring. Our purpose is to champion the power of human connection and the heart of connection is inclusion. You belong here.
Accommodations will be provided as requested by candidates taking part in all aspects of the selection process.