|Preferred GIAC Certifications||GSEC, GSOM, GSOC, GCIH|
|Contact Name||Nathan Poirier|
Staples is business to business. You’re what binds us together.
Our digital solutions team is more than a traditional IT organization. We are a team of passionate, collaborative, agile, inventive, customer-centric, results-oriented problem solvers. We are intellectually curious, love advancements in technology and seek to adapt technologies to drive Staples forward. We anticipate the needs of our customers and business partners and deliver reliable, customer-centric technology services.
What you’ll be doing:
The Senior Cyber Security Analyst I in the Security Operations Center will collaborate with the SOC analysts and other teams to help protect the organization from infiltration of Staples’ networks and computer systems by threat actors. The senior analyst will help coordinate incident containment, mitigation, and remediation efforts in accordance with policies and procedures. In addition, the senior analyst will act as lead SOC incident handler for high profile or high complexity incidents. The senior analyst will also facilitate escalations to team members and leadership based on threat and priority determinations. Next, the senior analyst will be expected to provide timely updates to management and stakeholders for security-related events and incidents. The senior analyst will support the enterprise incident response plan during critical incidents by providing technical expertise and leadership as required by the incident. This position reports to the Manager of the Security Operations Center.
Additional responsibilities will include mentoring and helping to upskill junior analysts by providing technical guidance, experience-based recommendations, and scenario training. To further mature the security operations center, the analyst maybe asked to develop procedures and runbooks for SOC analysts as well as identify opportunities to increase the fidelity of alerts through testing and tuning of existing use cases. Lastly, as a senior member of the SOC, the analyst will help serve as a subject matter expert on security-related issues, act as a voice for the SOC, and consult with other teams throughout Staples.
What you bring to the table:
• Real-world experience managing incident response situations of varying complexity.
• Desire to bring innovative ideas and experience to help further the SOC’s capabilities
• Ability to collaborate with fellow SOC analysts as well as other security and IT teams
• Determination and resiliency in finding root cause of events and incidents
• Desire to participate in security and IT projects as a representative of the SOC team
• Desire to learn new attack techniques, remediation techniques, exploits, and other security threats
• Desire to mentor and help junior analysts gain knowledge and experience
• Ability to communicate complex and technical issues to diverse audiences
• Customer-centric focus on resolving and responding to threats and inquiries
• Ability to use good judgement and have a high sense of urgency
• Strong organizational and communication skills
• Highest ethical standards and values
• Bachelors degree in computer science, cyber security, information technology, or related technology fields or 6-8 years of IT experience in lieu of a degree
• Six or more years experience as cyber security analyst reviewing and investigating security events
• Experience creating or testing incident response plans and procedures
• Experience with SIEMs and case management systems
• Experience with endpoint protection systems
• Experience with network and infrastructure technologies
• Experience creating incident reports and presenting findings to stakeholders
• Knowledge of tools, techniques and processes used by threat actors
• Ability to work under pressure and have strong decision-making capabilities
• Self-starter and with strong problem solving skills
• Collaborative and agile
• Able to work independently and manage ambiguity
• 1-3 years experience as lead Incident handler for security events
• Experience with cloud security and architecture
• Experience with security orchestration, automation, and remediation systems
• Experience with Threat Intelligence, Digital Forensics, Malware Analysis or related disciplines
• Ability to apply security frameworks – Cyber Kill Chain, MITRE ATT&CK, NIST
• Experience working Agile or SAFe Framework or methodologies
• Security Certifications (ISC2, GIAC - GSEC/GSOM/GSOC/GCIH, other industry leading certifications)
Inclusive culture with associate-led Business Resource Groups and resources such as the Social Justice Resource Center
Flexible PTO (22 days) and Holiday Schedule (7 observed paid holidays), Online and Retail Discounts, Company Match 401(k), Physical and Mental Health Wellness programs, and more perks and benefits
Interested in joining the team? Check out our perks and benefits !