Lead Security Operations Analyst

Cox Automotive
Atlanta, GA 30303
*Primary Location:* 3400 New Hyde Park Rd, Atlanta, GA, US
*Division:* Cox Automotive
*Job Level:* Individual Contributor
*Travel:* No
*Schedule:* Full-time
*Shift:* Day Job
*Requisition Number:* 202104515_21261325
*Job Summary:*
The *Lead Security Operations Analyst* is responsible for security monitoring and incident response for internal and external threats. They will be responsible for the evaluation and improvement of Data Loss Prevention controls across Cox Automotive businesses, both domestically and internationally. They will also collaborate with internal IT teams and the MSSP on security monitoring response and on improving the correlation and monitoring of security events, and will lead security monitoring projects.
*Primary Responsibilities:*

*Threat Detection*

* Subject matter expert on Data Loss Prevention and Data protection concepts.

* Overall responsibility for Security Operations to handle threat detection and response along with ensuring new DLP product deployments meet monitoring requirements.

* Conducts internal and external investigations and responds to internal and external security threats.

* Oversees, responds to, and remediates DLP (data loss prevention), Phishing, Abnormal Activity, and SIEM events from on premise and cloud systems.

* Collaborates with threat management and threat hunting/intelligence/IR team to continuously improve cybersecurity capabilities in identification, management, and response to threats in the most efficient and effective manner.

* Continuously improves security monitoring and response SLAs for remediating threats.

* Leads projects to implement advanced security monitoring techniques to identify malicious behavior on SaaS, cloud systems, network, servers, and endpoints.

* Operates and optimizes threat detection products for DLP, SIEM, Advanced Email Protection, EDR, AV, Cloud Security products, IDS and other industry standard security technologies.

* Understands and performs threat analysis utilizing industry standard frameworks (kill chain and diamond model).

* Proposes and helps review security plans and policies to improve the security environment.

* Maintains metrics, operational playbooks, process diagrams and documentation for security monitoring and response.

* Other duties may be assigned as needed to address new security threats facing the enterprise environment.

* Provides off hour support as needed for security monitoring and response activities.

*Incident Response*

* Works closely with MSSP services, external forensic providers, and in house IT teams to respond to and remediate security incidents both internal and external.

* Reviews compromised systems to identify root cause of security incidents and remediation actions that need to be taken.

* Researches new TTPs (tactics, techniques, and procedures) that threat actors are utilizing to undermine enterprise IT environments.

* Provides timely detection, identification, and alerts of possible attacks/intrusions, anomalous activities, and misuse activities, and distinguishes these incidents and events from benign activities.

* Correlates incident data to identify specific vulnerabilities and makes recommendations that enable swift remediation.

* Plans, implements, and documents incident handling and response tasks and procedures.

*Emerging Threats Monitoring*

* Obtains information and stays up to date on the latest threats and security trends in a fast and efficient way to keep the enterprise environment protected.

*Service Desk and Incident Management*

* Assists in the investigation and resolution of security issues.

* Bachelor's degree in Computer Science or related field, or equivalent combination of industry-related professional experience and education

* 7+ years of experience in Information Security

* Working experience with Information Security, Network Security, Insider threat, Security Monitoring, Incident Response, and Vulnerability Management

* Working experience with industry standard security technologies and services: Firewalls, VPN, IDS, Endpoint Security, DLP, AV, Proxy, SIEM

* Strong experience with Data Loss Prevention

* Strong experience with SIEM event/log analysis and correlation


* GSEC, GCIA, GFE, GCFA, CISA, CISSP, CISM, or CIA certification(s)

* Network / System Administration experience

* Scripting and Development Skills (Python)

Who We Are
*About Cox Automotive*
There's nothing ordinary about Cox Automotive. We are people of every background driven by our passion for mobility, innovation, client success and community outreach. We make buying, selling and owning (or simply using) cars easier for everyone. Touching more than 40,000 clients across five continents, we bring together the best brands and the best teams to propel the automotive industry forward. Some of those team members work for our iconic consumer brands like Autotrader and Kelley Blue Book, while others are creating the future of automotive at industry-facing brands like Dealer.com, Manheim and vAuto.

*About Cox*
We are the Cox family of businesses. We've been making our mark since 1898 by building and evolving world-class businesses, staying true to our values, and encouraging top talent to always look for growth and impact while building a career with us. Our primary divisions - Cox Communications and Cox Automotive - are driving a new wave of innovation, powering smart cities with powerhouse broadband communications and pioneering greener, more progressive transportation alternatives for individuals and fleet operators. We're also expanding into new spaces like cleantech and healthcare to rev up our momentum toward building a better future for the next generation. We're looking for the talent today who will be our leaders tomorrow. Sound intriguing? Learn more about where we are today, where we hope you'll be going with us, and the common purpose that unites us at coxenterprises.com.
Benefits of working at Cox may include health care insurance (medical, dental, vision), retirement planning (401(k)), and paid days off (sick leave, parental leave, flexible vacation/wellness days, and/or PTO). For more details on what benefits you may be offered, [visit our benefits page](http://jobs.coxenterprises.com/life-at-cox/benefits/).
Cox is an Equal Employment Opportunity employer - All qualified applicants/employees will receive consideration for employment without regard to that individual's age, race, color, religion or creed, national origin or ancestry, sex (including pregnancy), sexual orientation, gender, gender identity, physical or mental disability, veteran status, genetic information, ethnicity, citizenship, or any other characteristic protected by law. Cox provides reasonable accommodations when requested by a qualified applicant or employee with disability, unless such accommodations would cause an undue hardship.
Statement to ALL Third-Party Agencies and Similar Organizations: Cox accepts resumes only from agencies with which we formally engage their services. Please do not forward resumes to our applicant tracking system, Cox employees, Cox hiring manager, or send to any Cox facility. Cox is not responsible for any fees or charges associated with unsolicited resumes.
Posted: 2021-10-15 Expires: 2022-01-08