Senior Security Analyst

Personal Capital

Personal Capital

IT
Remote
Posted on Wednesday, December 13, 2023

Senior Security Analyst

Apply Location Greenwood Village, Colorado Workplace Flexibility Remote Date posted 12/12/2023 Job ID R.0042777

Grow your career with a growing organization

Whether they’re helping people reach their long-term financial goals or providing personal wealth management strategies, every associate contributes to changing the lives of those we serve for the better. When it comes to job satisfaction, that’s hard to beat. And from a personal satisfaction perspective, you’ll enjoy the freedom to support causes that matter to you and experience a truly inclusive work environment. Your future starts now.

Empower is currently looking to add a new Sr Security Analyst to our Threat and Vulnerability Management team. This position is technical in nature and we are looking for a self-motivated professional who is driven to succeed in a fast-paced environment. This Sr Security Analyst will manage the Application Security Program, be responsible for driving key components of the TVM program across multiple cloud environments; will; evaluating vulnerabilities for applicability and the level of threat posed; research and investigation of security findings; evaluate and report on risks identified through various threat intelligence sources; and assisting with response and investigation of security incidents.

What you will do:

  • Day-to-day responsibilities of asset discovery, identification, monitoring, analysis for the identification of cyber security alerts, incidents, and events; and to continuously manage & improve our detection processes.
  • Develop Splunk Cloud ES SIEM platform and the overall detection use cases working alongside with team members.
  • When threats are identified, you will work closely with other areas of the security team to identify appropriate solutions.
  • Proven ability to distill complex technical information into clear, concise yet comprehensive communication material.
  • Leverage offensive security experience to coordinate the execution of cybersecurity solutions to benefit security engagements and mitigate cyber threats.
  • Improve operational efficiency by building and evaluating workflow processes, procedures, checklists, automation, and tooling.
  • Experience assessing, securing and managing with cloud infrastructure (AWS, Azure, Oracle)
  • hands-on experience analyzing and responding to security events, such as conducting log analysis, developing queries and analytics, troubleshooting security issues, and correlating complex data sets.
  • identify trends, insights, and relationships between internal and external data and intelligence sources to provide recommended risk mitigation.
  • Able to script and develop automations, preferably using Python

What you will bring:

  • Minimum of 5 years previous information technology security operations, and threat detection engineering.
  • Must have common knowledge of standard network infrastructure.
  • Possess a breadth of knowledge and experience across the information security domain, with familiarity in a combination of endpoint, email, network, identity management, cloud security; vulnerability management; incident response; and threat intelligence.
  • Recognize potential, successful, and unsuccessful intrusion attempts and compromises thorough reviews and analyses of relevant event detail and summary information.
  • Experience in highly complex technical environment, preferably within the financial services sector.
  • Previous experience should include security operations and monitoring, and incident response.
  • ​Familiar with Risk Based Alerting (RBA) frameworks and implementation.
  • Experience planning, deploying, and using Splunk Cloud ES SIEM and/or UEBA platforms.
  • Information security technologies, tools, and best practices with significant experience with SIEM, IDS/IPS, firewall, web application, and security event correlation.
  • Bachelor s Degree (Computer Science or Information Systems) or equivalent applicable experience
  • CISSP, GCPN, GWEB or OSCP

What will set you apart:

  • Prior experience applying relevant technical knowledge in at least one of the following areas: managing a Security Operations Center; engineering security solutions; consulting with other teams on best practices for security services, configurations, deployments, monitoring, and response.
  • Understanding of log collection methodologies and aggregation techniques.
  • Demonstrated working knowledge of information systems security standards and practices (e.g., access control and system hardening, system audit and log file monitoring, security policies, and incident handling).
  • Coding experience a plus
  • Understanding of security models and frameworks such as MITRE ATT&CK, cyber kill chain, and NIST CSF.
  • Excellent organizational skills, including the ability to re-prioritize in a fast-paced changing environment. Proven track record of taking initiative and delivering results required.
  • Strong written and verbal communications skills with the ability to effectively communicate and influence at multiple levels within the organization required.

***Applicants must be authorized to work for any employer in the U.S. We are unable to sponsor or take over sponsorship of an employment visa at this time, including CPT/OPT.***

What we offer you

We offer an array of diverse and inclusive benefits regardless of where you are in your career. We believe that providing our employees with the means to lead healthy balanced lives results in the best possible work performance.

  • Medical, dental, vision and life insurance
  • Retirement savings – 401(k) plan with generous company matching contributions (up to 6%), financial advisory services, potential company discretionary contribution, and a broad investment lineup
  • Tuition reimbursement up to $5,250/year
  • Business-casual environment that includes the option to wear jeans
  • Generous paid time off upon hire – including a paid time off program plus ten paid company holidays and three floating holidays each calendar year
  • Paid volunteer time — 16 hours per calendar year
  • Leave of absence programs – including paid parental leave, paid short- and long-term disability, and Family and Medical Leave (FMLA)
  • Business Resource Groups (BRGs) - internal networks that rally around common interest, experiences and identities such as race, ethnicity, gender, ability, military status and sexual orientation. BRGs play a vital role in educating and engaging our people and advancing our business priorities.

Base Salary Range

$99,600.00 - $140,700.00

The salary range above shows the typical minimum to maximum base salary range for this position in the location listed. Non-sales positions have the opportunity to participate in a bonus program. Sales positions are eligible for sales incentives, and in some instances a bonus plan, whereby total compensation may far exceed base salary depending on individual performance. Actual compensation offered may vary from posted hiring range based upon geographic location, work experience, education, licensure requirements and/or skill level and will be finalized at the time of offer.

Equal opportunity employer Drug-free workplace

We are an equal opportunity employer with a commitment to diversity. All individuals, regardless of personal characteristics, are encouraged to apply. All qualified applicants will receive consideration for employment without regard to age (40 and over), race, color, national origin, ancestry, sex, sexual orientation, gender, gender identity, gender expression, marital status, pregnancy, religion, physical or mental disability, military or veteran status, genetic information, or any other status protected by applicable state or local law.

***For remote and hybrid positions you will be required to provide reliable high-speed internet with a wired connection as well as a place in your home to work with limited disruption. You must have reliable connectivity from an internet service provider that is fiber, cable or DSL internet. Other necessary computer equipment, will be provided. You may be required to work in the office if you do not have an adequate home work environment and the required internet connection.***

Want the latest money news and views shaping how we live, work and play? Sign up for Empower’s free newsletter and check out The Currency.

Apply