SOC Analyst ( 3rd Shift) at Discover
At Discover, be part of a culture where diversity, teamwork and collaboration reign. Join a company that is just as employee-focused as it is on its customers and is consistently awarded for both. We’re all about people, and our employees are why Discover is a great place to work. Be the reason we help millions of consumers build a brighter financial future and achieve yours along the way with a rewarding career.
The Discover Security Analytics & Incident Detection team is looking for new and qualified security analysts to join our ranks. Our team serves alongside other teams in Information Security as experts in the detection and analysis of all technology-related security incidents. We employ a multitude of enterprise-grade security solutions to achieve our goals. Our primary mission is the timely and accurate identification of incidents, mastery of the technologies and information we analyze, maintaining expert-level knowledge of detection tools and techniques, and proper escalation/hand-off of incidents for response and containment.
Were looking for talented, self-motivated professionals who have a strong passion for information security– and a burning desire to learn. Were interested in people who enjoy being challenged on a daily basis to stay one step ahead of an ever-changing landscape of threats and adversaries. Were also looking for individuals that are interested in working both collaboratively and independently to hunt down and identify anomalous and malicious activity, wherever it may be. Whether youre a seasoned information security professional or new to the field, were looking for new team members to join us in guarding our enterprise as the last and ultimate line of defense.
- Building and maintaining custom security detection logic to analyze and correlate information to produce meaningful, actionable results
- Monitoring of events & alerts from a multitude of technologies to detect malicious activity
- Detailed analysis using a variety of tools and techniques to investigate, navigate, correlate and understand security incidents to the fullest extent of the data available
- Tuning of rules, filters and policies for detection-related security technologies to improve accuracy and visibility
- Data mining of log sources to uncover and investigate anomalous activity, along with related items of interest
- Maintaining documentation of logic, rules, policies, and procedures
- Proper escalation and hand-off of security incidents for containment and remediation
- Promote a risk-aware culture, ensure efficient and effective risk and compliance management practices by adhering to required standards and processes.
- Analyzes vulnerabilities, tunes/tests tools, and investigates security incidents to derive useful information in support of system/network vulnerability mitigation, and eliminate false positives. Evaluates vulnerabilities and assess threat severity and impact on corporate assets, including advising technical teams on vulnerability remediation techniques. Contributes to actionable intelligence in the form of reports, notifications, alerts, and briefings. Performs ethical hacking and penetration testing techniques on the perimeter. Supports mitigation and countermeasure strategies from collected threat intelligence. Recognizes security violations and takes appropriate action to report each incident as required.
- Identifies security issues and/or vulnerabilities and control impact, compromise, or denial of service by applying countermeasures. Performs ongoing assessment of team and program activities to identify opportunities for improvement. Ensures compliance to audit, regulatory, and legal requirements. Builds and maintains effective relationships with peers and internal business partners. Recommends appropriate and effective controls to address security concerns. Must make decisions quickly to implement countermeasures, address remediation, avoid an outage, and ensure system’s high availability.
Delivers metrics and performance reporting to enhance real-time risk decision-making and project prioritization. Analyzes data collected from a variety of cyber-defense tools and data-analytics solutions for the purposes of mitigating threats. Engages in reporting risk remediation assurance and automation/integration initiatives, and collaborates with stakeholders, at all levels, to ensure remediation is validated, risk is mitigated, and findings are fully closed/resolved.
Maintains knowledge of security threats and industry trends to provide tactical project guidance. Utilizes Cybersecurity solutions, analyzes events to mitigate risk, and achieve remediation. Works on cyber projects and contributes to delivering key milestones.
At a minimum, here’s what we need from you:
H.S. Diploma or GED
If we had our say, we’d also look for:
- Bachelor’s Degree in Information Security , Computer Science, Business Administration, Data Analytics, or related field
- 2+ years of experience in Information Security, Computer Science, Data Analytics, related certifications. or related field
- PMP, CEH, GIAC
- Working knowledge of common operating systems (Windows, Linux, etc.) and basic endpoint security principles
- Knowledge of (or a strong desire to learn) common networking services and protocols (TCP/IP, SSH, FTP, DNS, DHCP, SMTP, SSL, etc.)
- Rudimentary understanding of (or a strong desire to learn) common security technologies (IDS, Firewall, SIEM, etc.)
- Exceptional organizational abilities and attention to detail
- The ability to think creatively to find elegant solutions to complex problems
- Excellent verbal and written communication skills
- The desire to work both independently and collaboratively with a larger team
- A willingness to be challenged along with a strong appetite for learning
- The ability to work in a 24×7 shift-based operation
- The flexibility to adjust shift schedule based on the needs of the team
- 1-3 years of experience in Information Security, Incident Response, etc. (or related field)
- Prior experience detecting, analyzing and/or responding to security incidents
- Demonstrated ability to analyze and correlate information from a wide variety of enterprise technologies
- Hands-on experience with common security technologies (IDS, Firewall, SIEM, etc.)
- Knowledge of common security analysis tools & techniques
- Understanding of common security threats, attack vectors, vulnerabilities and exploits
- Knowledge of data science, data visualization, mathematics, and/or statistics
- Programming experience (Python, Perl, etc.)
- Knowledge of regular expressions
CompTIA Network+/Security+, CISSP, GIAC (GCIA, GCIH, GSEC, GPEN, GREM, etc.), OSCP, CEH, etc.
Discover Financial Services is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, protected veteran status, among other things, or as a qualified individual with a disability.