At AlixPartners, we solve the most complex and critical challenges by moving quickly from analysis to action when it really matters; creating value that has a lasting impact on companies, their people, and the communities they serve. By understanding, respecting, and honoring the needs of our employees, clients, and communities, AlixPartners actively promotes an inclusive environment. We strongly believe in the value that diversity brings to our experiences and are committed to the perpetual enhancements of initiatives, policies, and practices. We hold ourselves accountable by providing the space for authenticity, growth, and equity for everyone.
AlixPartners has embraced a hybrid work model to provide flexibility and support our employees' work-life integration. Our hybrid model combines a mix of in-person at an AlixPartners office on Tuesday, Wednesday, & Thursday and remote working options for Monday and Friday.
What you'll do
As a member of the Information Security (IS) team, the Security Operations Senior Analyst will contribute to the overall cyber defense of information assets and will conduct security monitoring, detection engineering, threat hunting, application of threat intelligence to improve preventative and detective controls and perform incident response investigations.
The Security Operations Senior Analyst is a full-time position located in Southfield, MI reporting to the Security Operations Team Lead. Paid relocation is not available.
Respond to, investigate, and analyze security events to determine appropriate actions
Analyze security system logs, security tools, and available data sources on a regular basis to identify attacks against the enterprise and report on any irregularities, issues related to improper access patterns, trending, and event correlations
Conduct and apply detection engineering concepts to analyze, create, and tune detection logic and telemetry to ensure effective coverage and detection of existing and emerging threats
Gather information from other IT staff and non-IT staff to obtain information regarding security problems to networks, servers, endpoints, and applications.
Perform incident response activities and ensure that proper protection or corrective measures have been taken when an incident has been discovered
Assist with administration of information security controls and software such as endpoint protection, endpoint detection and response, intrusion detection/prevention (IDS/IPS), security incident and event management (SIEM), data loss prevention (DLP), and physical security systems
Expected to stay current on security industry trends, new threats and attack techniques, mitigation techniques, and emerging security technologies
Provide insight and participate in security projects to evaluate and recommend security products for various applications and platforms throughout the organization while supporting business initiatives
Assist with the development, maintenance of, and training on technical documentation and Standard Operating Procedures (SOP).
Improve security efficiency and streamline/automate work processes while working collaboratively with other team members and IT staff to accomplish objectives
Participate in critical incidents and implementation reviews
Additional responsibilities as identified. This description is not designed to encompass a comprehensive listing of required activities, duties, or responsibilities
What you'll need
Highly motivated to work in information security
Minimum four (4) years of Information Security experience, or experience working in Information Technology
Bachelor's degree in Information Technology or related field preferred; work experience and background may be considered in lieu of formal education
Proven experience creating detection logic, SIEM rules, custom detections within EDR tools, etc.
Desire to continuously improve processes and procedures and share information with the team
Collaborative interpersonal skills with the ability to work well as an individual and as part of a team
Excellent written and verbal communication skills in English and any other local office language(s)
Ability to provide formal reports and presentations to people at all levels
High attention to detail with the ability to be organized and prioritize tasks so work is completed in an accurate and timely manner under time constraints
Proficient knowledge of information systems security concepts and current information security trends and practices
Working knowledge of infrastructure security tools such as firewalls, network security monitoring, anti-malware, OS hardening, etc.
Experience integrating security tools through scripting, using API's and improving existing processes through automated methods are a plus
Experience with Security Incident and Event Management (SIEM) and Endpoint Security tools are a plus
Incident Response, Forensics, and Malware Analysis experience is a plus
System administration and security hardening experience is a plus
Cloud security experience is a plus
Security Certifications such as the following are a plus (Security+, CISSP, GIAC certifications)
Willingness to work outside of normal U.S. business hours, and as unique... For full info follow application link.
AlixPartners is a global firm of senior business and consulting professionals that specializes in improving corporate financial and operational performance, executing corporate turnarounds and providing litigation consulting and forensic accounting services when it really matters – in urgent, high-impact situations. More information is available at www.alixpartners.com.
All qualified applicants will receive consideration for employment without regard to among other things, race, color, religion, sex, sexual orientation, gender identity, national origin, (age), status as a protected veteran, or disability. AlixPartners is a proud Bronze award-winning Veteran Friendly Employer.