Oportun is hiring a
Senior Security Analyst

Summary

Join Oportun's team as a Sr Security Analyst and contribute to fostering a diverse, equitable, and inclusive culture. This role involves conducting technical analysis for events, including immediate containment, investigation, and management of remediation actions. As a 24/7 position on rotational shift, you will work closely with internal teams to develop effective solutions.

Requirements

• Bachelor’s degree in computer science, information systems or related field from an accredited institution OR 5 years of relevant experience in SOC, Incident response or Cyber Forensics
• Experience in decoding logs from different security devices like Firewall, proxy, EDR etc
• Experience in handling cyber incidents on a day to day basis
• Experience in performing L1 analysis of tickets and determining if its a false positive or not
• Experience in correlating incidents
• Experience in understanding network architecture and connecting events logically
• Ability to communicate efficiently with internal team members at all levels and across functional and organizational boundaries
• Working knowledge of the TCP/IP suite/OSI layers of protocols
• Conceptual knowledge of network and systems architecture
• Familiarity with Intrusion Detection Systems configuration and operation
• Web application architecture
• Active Directory Solid understanding of how major application layer protocols function (e.g., HTTP, SMTP, DNS)
• Knowledge of categories of malware and how they function (e.g., rootkits, trojans, adware, exploits, fileless)
• Organizational skills and time management/prioritization
• Comfortable working against deadlines in a fast-paced environment
• At least 3 years of prior SOC experience (can include internships)
• Ability to build a strong, positive relationship with partnering engineering and security teams to develop effective solutions
• Ability to sufficiently document engineering efforts and results
• Passion for Security, Technology and Automation

Responsibilities

• Monitor and analyze traffic and events/alerts escalated by L2 and advise on remediation actions
• Review and assess impact and remediation actions for incidents
• Creation and continuous improvement of monitoring alerts
• Deep analysis of security incidents to identify the root cause
• Create new rules in SIEM to identify threats
• Monitor and analyze traffic and events/alerts and advise on remediation actions
• Review and assess impact and remediation actions for incidents
• Investigate intrusion attempts and perform analysis of exploits by correlating various sources and determining which system or data set is affected
• Follow standard operating procedures for detecting, classifying, and reporting incidents
• Analyze a variety of network and host-based security appliance logs (EDR, Firewalls, NIDS, HIDS, Sys Logs, etc.) to determine the correct remediation actions and escalation paths for each incident
• Independently follow procedures to identify, contain, analyze, document and eradicate malicious activity
• Escalate information regarding intrusion events, security incidents, and other threat indicators and warning information to the client

Preferred Qualifications

Preferred Certifications (Security+, etc.)