Job Description
The Job
WarnerMedia seeks a Security Ops Center Analyst for the WM - ISO - Security Ops & Arch department. WarnerMedia SOC Security Analysts are the front line for security operations, detection and response duties for AT&T and WarnerMedia. The team member will perform analysis and investigation of security events and make recommendations for mitigation. The team operates 24/7/365. This role works closely with other security teams and across AT&T.
The Daily
60% Detection and Response
• Identify, monitor, investigate, and analyze security events and alerts
• Perform analysis for security events as detected by various host and network-based tools
• Drive remediation efforts for security incidents
• Interact with all levels of employees across the company in a professional manner
30% Detection and Response Maturity
• Enhance detections and alerts
• Enhance technical and administrative processes and procedures
• Document and communicate findings and after-action reports to leadership
10% Threat Intelligence
• Analyze and report on actionable threat intelligence
The Essentials
• 1-3 years of relevant experience or equivalent combination of education and work experience
• Ability to think critically and solve problems
• Ability to conduct root cause analysis of problems or security events
• Familiarity with Linux, Mac and Windows operating systems
• Experience performing log analysis from a variety of host-based and network-based sources
• Familiarity with EDR solutions
• Familiarity with SIEM platforms
• The ability to learn new technology and concepts quickly
• Ability to manage multiple priorities in a high-pressure environment
• Familiarity with forensic evidence concepts
• Knowledge of exploits, vulnerabilities, malware families and common attack vectors
• Scripting (Python, PowerShell, bash) and regex experience is preferred
The Nice to Haves
• Experience with firewalls, intrusion detection/prevention systems
• Effective in collaborating with teams in remote offices
• Any of these certifications is a plus: Security+, Network+, GSEC, GMON, GCIH, GCFA, or GNFA
• Experience with security in cloud environments is a plus
Jobcode: Reference SBJ-roe9n6-44-222-100-106-42 in your application.