Security Analyst – Platform
Discover. A more rewarding way to work.
At Discover Financial Services, you’ll find yourself in the company of some of the industry’s smartest and most reliable professionals. And at a company that rewards dedication, values innovation and supports growth.
Thrive in an environment that promotes teamwork and shared success. Build on a foundation of mutual respect. Join the company that understands rewarding careers like no other, with this exceptional opportunity:
Security Analyst – Platform
Job Description
The Discover Security Intelligence & Incident Response Team (SIIRT) is looking for qualified security analysts to join our ranks. Comprised of several sub-teams, Discover’s SIIRT group oversees all information security detection, response, and intelligence efforts for the enterprise.
SIIRT currently has an opening on one of our newest teams, SIIRT Logic, Design & Instrumentation (SIIRT-LDI). This highly specialized team of skilled analysts serves as experts in creating detective tools and logic for our Security Operations Center (SOC) and related enterprise teams. Our primary mission is to enable our analysts to efficiently find, triage, and analyze potential security incidents and related items of concern. To achieve these goals, we have a wide variety of tools, techniques, and datasets at our disposal. We utilize an innovative blend of commercial and home-grown solutions to ensure the best possible tools are deployed to meet our analysts’ needs.
As we continue to build out our detective tools and capabilities, we’re looking for talented, self-motivated, and experienced professionals who have a strong passion for designing and deploying solutions to hunt down and identify anomalous and malicious activity. We’re interested in people who enjoy being challenged on a daily basis to stay one step ahead of an ever-changing landscape of threats and adversaries. Whether you’re a seasoned SOC analyst or a security engineer in search of a unique and exciting challenge, we’re looking for new team members to join us in guarding our enterprise as the last and ultimate line of defense.
Responsibilities:
- Full-lifecycle development and support of home-grown security tools and solutions
- Integration and upkeep of various security tools
- Monitoring, and reporting of platform operational health and stability
- Partner with other members of the team to analyze new tools and technologies to empower our analysts and incident responders
- Creation of visualizations and telemetry to accurately depict operational status and increase situational awareness
- Maintaining documentation of tools, logic, policies, and procedures
- Serving as a lead on team projects and providing guidance to more junior team members
- Acting as a representative of the team for larger company projects and initiatives
- Promote a risk-aware culture, ensure efficient and effective risk and compliance management practices by adhering to required standards and processes.
Skills
Skills Required:
- 1-3 years of experience in an engineering or security-related role
- Experience with Log Ingestion, Database, and Analytics (Splunk, Cassandra, Mongo, Hadoop, ELK Stack, Syslog)
- Experience with system health monitoring and alerting
- Basic Networking, System, and Cloud administration experience (RHEL, AWS, Ansible, Chef, Puppet, Docker)
- Experience creating and/or supporting tools and platforms for an operations-centric team
- Scripting experience (Python, Ruby, Javascript, Bash, PHP, Perl, Powershell, etc.)
- Familiar with coding in a complied language (C\C++, Go, Rust, Java)
- Comfortable with the Splunk Query Language (SPL)
- Experience with a versioning control system such as Git
- Experience with API integrations, building middleware and ETL processes
- Exceptional organizational abilities and attention to detail
- Experience in leading large-scale long-term projects
- The ability to think creatively to find elegant solutions to complex problems
- Excellent verbal and written communication skills
- The desire to work both independently and collaboratively with a larger team
- A willingness to be challenged along with a strong appetite for learning
- Ability to participate in an on-call rotation
Skills Desired:
- 5+ years of experience in an engineering or security-related role
- Previous experience with big data analytics
- Hands-on experience with common security technologies (SIEM, IDS, Firewall, WAF, etc.)
- Software development experience
- Knowledge of common security threats, attack vectors, vulnerabilities and exploits
- Working knowledge of common operating systems and basic endpoint security principles
- Knowledge of common networking services and protocols
- Knowledge of data science, data visualization, mathematics, and/or statistics
- Prior experience in a large-scale enterprise
Preferred Certifications:
GIAC (GCIA, GCIH, GSEC, GPEN, GREM, etc.), OSCP, CEH, etc.
#LI-KE
We are an Equal Opportunity Employer and do not discriminate against any employee or applicant for employment because of race, color, sex, age, national origin, religion, sexual orientation, gender identity, status as a veteran, and basis of disability or any other federal, state or local protected class.