SANS ISC: InfoSec Jobs - SANS Internet Storm Center

Global Information Security Operations Center (SOC) Analyst II
Company: Crane Co
Location: Remote - West Coast Preferred
Preferred GIAC Certifications: GCIH or GCFA
Travel: 10%
Salary: Not provided
URL: https://www.linkedin.com/jobs/view/2959615754
Contact Name: Kelley Hoff, HR Mgr.
Contact Email: khoff/at/craneco.com
Expires: 2022-06-11

Job Description

Crane Co is looking for experienced professionals to join the Crane Co. Global Information Security Team! We have an exciting opportunity on our blue team. You are an experienced Security Operations Center Analyst / Incident Responder who wants to take the next step in your career as part of a Global SOC. You are passionate about threat hunting, have a clear vision of next-gen SOCs and SOAR, and enjoy digging deep to find the bad guys as part of a growing global team.

Crane Co Global Infosec utilizes world-class tools and processes, and this role provides the opportunity to work in an important function within our global security operations and incident response program. The ideal candidate will have solid proficiency in security information and event management (SIEM) solutions, use modern IR approaches and tools, and have experience implementing and tuning a wide range of detective and preventive controls in an enterprise setting. You must have a desire to collaborate with others while furthering your own development, contribute to continuous improvement initiatives, and have a genuine passion for infosec! Previous security operations center experience, threat hunting prowess, and endless curiosity are required.

Core Function:

This is a vital role supporting our security operations and incident response program, where you will work alongside a global SOC team, triaging, investigating, and prioritizing the analysis of incoming alerts. You will drive critical incident response actions and remediate threats throughout our global businesses. This position will provide exposure to best-of-breed security solutions in a diverse technology environment. You’ll work closely with our tight-knit security team, as well as with Information Technology professionals around the world, to identify attacks and repel attackers. The ideal candidate for this position will be hands-on and proactive, and will be expected to communicate effectively, be extremely detail-oriented, and be process focused.

Responsibilities and Duties:

· Identify, investigate, respond to, and remediate security events and incidents.

· Analyze incoming threats for indicators of compromise in a global enterprise.

· Prioritize and triage investigations based on criticality and risk.

· Identify incidents for remediation, and prioritize incidents for actionable response.

· Develop and contribute to standard work and processes, playbooks, and analysis logic supporting automation efforts.

· Work closely with the broader global security team on the development and tuning of all security tools and solutions.

· Ensure accurate documentation and supporting metrics of all security alerts and all related activities supporting the incident response process.

· Support the development and analysis of the effectiveness of security tools and processes.

· Work closely with Information Technology to identify risks as a component of our vulnerability management program.

· Provide input to the maintenance and enhancement of related policies, documentation, and procedures.

· Contribute to the broader program to ensure best practices are identified and integrated into our approach and methodologies.

· Support the security infrastructure and operations function as required.

· Own and deliver security-related projects.

Qualifications and Competencies:

· Senior-level experience in a security operations center function supporting medium to large enterprises and performing incident response.

· Senior-level competencies in analyzing threat data generated by security technologies such as EDR, firewalls, proxies, web and email filters, application allow-listing, sandboxing, SIEM, threat intelligence, vulnerability scanning, syslog, IDS/IPS, DLP, etc.

· Proven results developing and implementing methods, processes, and procedures for detecting, responding to, and resolving computer security incidents.

· Deep understanding of present-day cyber threats, attacker techniques and behaviors, and effective methods to both detect and repel these threats for a global organization with a distributed enterprise IT environment.

· Prior experience using automation tools leveraging custom development, scripting, and solution platforms.

· Prior experience writing tools to automate tasks and integrate various systems in Python, PowerShell, and other scripting languages.

· Experience performing data normalization, correlation, and visualization.

· Comprehensive knowledge and experience with administering enterprise-level Information Technology systems including networks, virtualization, cloud, operating systems, email, storage, databases, etc.

· Ability to work both independently and as part of a small, distributed team.

· Flexibility to work outside regularly scheduled/normal business hours as required.

· Familiarity with commonplace financial, privacy, and other regulatory requirements.

· Commitment to security training and earning corresponding certifications.

· Passion for solving complex problems.

· Highly motivated and self-directed.

· Excellent verbal and written communication skills, comfortable with presenting complex concepts.

· Ability to prioritize, schedule and track to deadlines.

· Required: US Person who is a lawful permanent resident, as defined under EAR Part 772 and ITAR 120.15.

· Required: Degree in a related field or at least 5 years relevant professional experience in Security Operations/Incident Management.

· Required: Technical professional security certification such as GCIH, GCFA, etc.

*Crane Co. is an Equal Opportunity Employer. Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, age, disability, military status, national origin, or any other characteristic protected under applicable federal, state, or local law.