Security Operations Analyst II

Are you passionate about making a difference in people's lives? Do you enjoy working in a service-oriented industry? If so, this opportunity may be the right fit for you!

Modivcare is looking for an experienced Security Operations Analyst II to join our team. The Security Analyst is responsible for monitoring and triaging security relevant alerts and reports from company systems. This includes developing and implementing policies and configurations that trigger the security alerts, including those systems that are not security specific. Additionally, this role is responsible for developing and maintaining dashboards and collecting metrics that comprise those dashboards.

This role…

• Uses capabilities of existing tools and systems to configure security alerts to go to SIEM. and to be reviewed by the SOC analysts and Security Analysts.

• Works with the SOC to capture logs from security systems and non-security systems, and develop new alerts, rules, and playbooks.

• Works with the SOC and MSSPs to ensure alert scoping is adequate, thresholds are appropriate, and alerts are presented via normalized means.

• Documents all aspects of the alerting and monitoring systems to include points of log collection, event triggers, threshold conditions, response matrices, etc.

• Audits the health of log collection environment and routinely tests ability to alert on security events.

• Monitors control environment (endpoint defense systems, inventories, SaaS and IaaS controls, etc.) to ensure controls are operating effectively and are covering 100% of the intended environment.

• Develops a deep understanding of the security operations of all of the security tools and monitored systems.

• Tracks and responds to all incoming alerts from the SOC, the MSSPs, and from the systems monitored directly by the Security Analyst team.

• Performs tier 2 triage of all escalations from the SOC and MSSPs, tier 1 triage of all alerts that are directly monitored, and works with Security Engineering for all escalations beyond the Security Analyst team.

• Works with penetration testers and incident response specialists to complete their objectives.

• Participates in an on-call rotation for non-business hours alert response.

• Assists security engineers in investigations in and out of the scope of security alerts.

• Performs routine (daily, weekly, monthly, quarterly, and yearly) reporting on security events, trends, and system hygiene and posture, such as on IaaS environments and critical SaaS environments.

• Designs and builds the system and configuration components needed to capture the metrics by which security hygiene, monitoring and alerting health, and security program effectiveness are measured.

• Tracks KPI elements over time such that KPI trends can be determined and used as a feedback to the security program design.

• Works with IT GRC to provide operational support and reporting for vuln management systems.

• Assists IT Risk Analysts with the identification and documentation of risks throughout the environment.

• Works with Information Security, IT Operations, and IT Field Services to ensure the effectiveness of the patching program.

• Works with the IT GRC team to respond to SOX, HITRUST, SOC 2, HIPAA, and customer compliance requests.

• Supports the timely execution of IT General Control testing activities and evidence gathering.

• Assists Security Engineering with the design, configuration, and deployment of tools, configurations, etc.

• Monitors and react to incoming Incidents and Requests from the ITSM.

• Documents Changes in the ITSM and implements them within the confines of Change Control.

• Participate in other projects or duties as assigned.

We are interested in speaking with individuals with the following…

• Bachelor's Degree in Computer Science, Computer Engineering, or Information Security / Cyber Security.

• Three (3) plus years of experience in a full-time Information Security role or other technical role that lends itself to skills needed for Information Security, such as infrastructure or software engineering.

• Experience developing programs/scripts to interact with, and manipulate data from, systems such as AD, MS Graph API, etc.

• Experience with typical (syslog-based ) and advanced logging methods (API-based).

• Experience working within an ITSM, such as ServiceNow, JIRA, ZenDesk, etc.

• Technical security certificates preferred - e.g. SANS GIAC, vendor-specific security certs, etc.

• Non-technical security certificates a plus - e.g. ISC(2) CISSP, ISACA CRISC, etc.

• Or equivalent combination of education and/or experience.

• Security-relevant knowledge around Active Directory, Linux, Windows Server and Workstation OSs, and TCP/IP core tenets.

• Proficient in the use of MS Office tools and web-based collaboration tools.

• Knowledge of core security systems, such as NGAV/EDR, SWG, SIEM, NGFW/IPS, packet filters, WAF, DLP, vuln scanners, etc.

• Strong ability to use thinking and reasoning to solve a problem.

• Excellent ability to take care of the customers’ needs while following company procedures.

• Ability to make critical decisions while following company procedures.

• Ability to get along well with a variety of personalities and individuals.

• Ability to influence others to perform their jobs effectively and to be responsible for making decisions.

• Excellent ability to organize and direct oneself and effectively supervise others.

• Excellent ability to find a solution for or to deal proactively with work-related problems.

• Ability to effectively build relationships with customers and co-workers.

• Driven ability to complete assigned tasks under stressful situations.

• Excellent oral and written communication skills.

Salary: $67,500 - $92,800

Modivcare’s positions are posted and open for applications for a minimum of 5 days. Positions may be posted for a maximum of 45 days dependent on the type of role, the number of roles, and the number of applications received.  We encourage our prospective candidates to submit their application(s) expediently so as not to miss out on our opportunities. We frequently post new opportunities and encourage prospective candidates to check back often for new postings. 

We value our team members and realize the importance of benefits for you and your family.

Modivcare offers a comprehensive benefits package to include the following:

• Medical, Dental, and Vision insurance
• Employer Paid Basic Life Insurance and AD&D
• Voluntary Life Insurance (Employee/Spouse/Child)
• Health Care and Dependent Care Flexible Spending Accounts
• Pre-Tax and Post --Tax Commuter and Parking Benefits
• 401(k) Retirement Savings Plan with Company Match
• Paid Time Off
• Paid Parental Leave
• Short-Term and Long-Term Disability
• Tuition Reimbursement
• Employee Discounts (retail, hotel, food, restaurants, car rental and much more!)

Modivcare is an Equal Opportunity Employer.

• EEO is The Law - click here for more information
• Equal Opportunity Employer Minorities/Women/Protected Veterans/Disabled
• We consider all applicants for employment without regard to race, color, religion, sex, sexual orientation, national origin, age, handicap or disability, or status as a Vietnam-era or special disabled veteran in accordance with federal law. If you need assistance, please reach out to us at hr.recruiting@modivcare.com