Principal Security Operations Analyst

| Chicago


If you are a current Motorola Solutions employee, please click this link to apply through your Workday account.
Company Overview

At Motorola Solutions, we create technologies our customers refer to as their lifeline. Our technology platforms in communications, software, video and services help our customers work safely and more efficiently. Whether it’s helping firefighters see through smoke, enabling police officers to see around street corners, or reliably keeping the lights on in homes and businesses around the world, our work supports those who put their lives on the line to keep us safe. Bring your passion, potential and talents to Motorola Solutions, and help us usher in a new era in public safety and security.


Department Overview
Our team is growing in Salt Lake City, Seattle and Chicago, and we are looking for a Security Operations Analyst to join the Cloud Infrastructure Engineering (CIE) team, in the Motorola Solutions Software Enterprise business unit. The team you would be joining hosts and manages the suite of public safety SaaS applications known as CommandCentral (see https://www.motorolasolutions.com/en_us/products/command-center-software.html ).
Job Description

As a security operations specialist in CIE, you will be part of a team that is responsible for the security of mission critical systems that are used everyday by public safety and government agencies across multiple countries. In this role, you will also be working on a world-class team that uses state of the art technologies and techniques. Your efforts will help to shape engineering culture and standards across our software product organization.

Your main responsibility will be to ensure that the systems that we deploy are being properly monitored. You will work closely with application developers and platform engineers to understand the components in the system and the logs they generate. You will support the MSI 24x7 SOC during application onboarding and incident investigations.

You will monitor alerts from Azure Advanced Threat Protection (ATP), Twistlock Runtime Defenders, and other sources of alerts, triage the alerts and coordinate necessary remediations.

Responsibilities:

  • Understand system components in the CommandCentral SaaS and the logs they produce.

  • Identify specific log records needed to detect security events and create alerts based on those identified records.

  • Work with application development teams to ensure security events are being properly logged and identifiable as security events.

  • Design, hold and participate in game day exercises with simulated incidents.

  • Train SOC monitoring personal on basic alert triage techniques.

  • Perform threat hunting using the SIEM, IDS, Azure Security Center and other tools.

  • Investigating indicators of compromise. 

  • Performing triage on alerts by by pulling in system subject matter experts to determine the alert criticality and scope of impact. 

  • Work with other members of the cybersecurity team, the cloud infrastructure engineering team and applications development teams to understand the full impact of detected security events.

  • Support forensic analysis by providing information regarding logged network activity, access to storage accounts and other events of interest.

Qualifications:

  • Good interpersonal skills and ability to collaborate with a variety of work partners including developers, product management, tech support, legal, and senior management.

  • 3 years experience working as an analyst in a security operations center, including hands-on experience working with commercial SIEM products (such as Splunk, Arcsight, or QRadar).

  • A Minimum of 5 years of experience administering or monitoring both Linux and Windows systems. Strong familiarity with Linux is required.

  • Strong familiarity with using Elasticsearch/Kibana

  • Strong familiarity with cyber security concepts, common attack vectors and threat hunting techniques.

  • Familiar with the security logs generated by Linux, Kubernetes, Docker, Web Application Firewalls, and IDS/IPS systems. 

  • Strong scripting experience.

  • Strong familiarity with the functions of a WAF and IDS.

  • Strong familiarity with incident response planning and Incident response best practices. 

  • Familiar with modern web based application design and application security principles.

  • Familiarity with IP network concepts. NOC experience is a plus.

  • Familiarity with Identity Management OAuth, OpenID Connect and PingFed is a plus.

  • The following certificates are a plus, CISSP, CCSP, GCIA, GCIH, GCFA, or GCFE


Basic Requirements
  • Must be a U.S. citizen with the ability to obtain necessary security clearance as required by government contracts. Some contracts may have higher-level clearance requirements.

  • 5+ years of hands-on experience with managing, and monitoring both linux and Windows servers in cloud environments like Azure and AWS

  • 3+ years of experience with SIEM products

  • High school diploma


Travel Requirements
Under 10%
Relocation Provided
None
Position Type
Experienced
Referral Payment Plan
Yes


EEO Statement

Motorola Solutions is an Equal Opportunity Employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, veteran's status, or, any other protected characteristic.

Read Full Job Description
Apply now
By clicking continue you agree to Built In’s Privacy Policy and Terms of Use.

Technology we use

  • Engineering
  • Product
  • Sales & Marketing
    • .NETLanguages
    • C#Languages
    • C++Languages
    • GolangLanguages
    • JavaLanguages
    • JavascriptLanguages
    • PerlLanguages
    • PythonLanguages
    • RLanguages
    • RubyLanguages
    • AngularJSFrameworks
    • ASP.NETFrameworks
    • DjangoFrameworks
    • Node.jsFrameworks
    • Ruby on RailsFrameworks
    • ITILFrameworks
    • MySQLDatabases
    • OracleDatabases
    • Google AnalyticsAnalytics
    • TableauAnalytics
    • IllustratorDesign
    • InVisionDesign
    • PhotoshopDesign
    • SketchDesign
    • JIRAManagement
    • Microsoft ProjectManagement
    • SmartsheetManagement
    • SalesforceCRM
    • GoogleEmail
    • MarketoLead Gen
    • Oracle EloquaLead Gen

Location

Located in the West Loop, one block from Ogilvie Train Station and Union Train Station. The office is also close to multiple CTA stops.

What are Motorola Solutions Perks + Benefits

Culture
Volunteer in local community
Partners with Nonprofits
Friends outside of work
Eat lunch together
Intracompany committees
Open door policy
Team owned deliverables
Team based strategic planning
Group brainstorming sessions
Open office floor plan
Diversity
Dedicated Diversity/Inclusion Staff
Highly diverse management team
Unconscious bias training
Someone's primary function is managing the company’s diversity and inclusion initiatives
Health Insurance & Wellness Benefits
Flexible Spending Account (FSA)
Disability Insurance
Dental Benefits
Vision Benefits
Health Insurance Benefits
Life Insurance
Pet Insurance
Onsite Gym
Retirement & Stock Options Benefits
401(K)
401(K) Matching
Employee Stock Purchase Plan
Performance Bonus
Match charitable contributions
Child Care & Parental Leave Benefits
Child Care Benefits
Generous Parental Leave
We provide up to 6 weeks of parental leave for the primary caretaker. Acme Co. also provides 6 weeks of leave for the secondary caretaker.
Remote Work Program
Our remote work program includes telecommuting at Manager discretion.
Family Medical Leave
Employees who have been with the company for 12 months are eligible for 12 weeks of family medical leave.
Adoption Assistance
Vacation & Time Off Benefits
Generous PTO
Paid Holidays
Perks & Discounts
Casual Dress
Commuter Benefits
Game Room
Our game room includes Video Games.
Stocked Kitchen
Happy Hours
Happy hours are hosted At team's discretion.
Parking
We offer employees Paid on-site garage parking.
Relocation Assistance
Professional Development Benefits
Job Training & Conferences
Tuition Reimbursement
Diversity Program
Lunch and learns
Cross functional training encouraged
Promote from within
Mentorship program
Time allotted for learning
Online course subscriptions available
Paid industry certifications
More Jobs at Motorola Solutions75 open jobs
All Jobs
Finance
Data + Analytics
Dev + Engineer
HR + Recruiting
Internships
Legal
Marketing
Operations
Product
Project Mgmt
Sales
Marketing
new
Chicago
Developer
new
Chicago
Project Mgmt
new
Chicago
Project Mgmt
new
Remote
Project Mgmt
new
Remote
Operations
new
Remote
Operations
new
Remote
Developer
new
Chicago
HR + Recruiting
new
Chicago
Internships
new
Chicago
Internships
new
Chicago
HR + Recruiting
new
Chicago
Finance
new
Chicago
Developer
new
Chicago
Developer
new
Remote
Project Mgmt
new
Remote
Operations
new
Remote
Product
new
Remote
Project Mgmt
new
Remote
Sales
new
Chicago
Operations
new
Remote
Operations
new
Remote
Operations
new
Chicago
Operations
new
Remote
Project Mgmt
new
Remote
Developer
new
Chicago
Sales
new
Remote
Internships
new
Chicago
Sales
new
Remote
HR + Recruiting
new
Chicago
Sales
new
Remote
Data + Analytics
new
Chicago
Internships
new
Chicago
Internships
new
Chicago
Project Mgmt
new
Chicago
Operations
new
Remote
Internships
new
Chicago