I. Job Summary | Major goals and objectives.
The Sr. Information Security Operations Engineer position helps protect Meredith brands and Meredith client brands against various security risks and attack methods. This individual is a member of the Meredith IT Security team and works cross-functionally to respond to threats that may arise against our technology and application resources.
II. Essential Job Functions
Accountabilities, Actions and Expected Measurable Results
- Defend, monitor and respond to security indicators by correlating and analyzing a variety of application, network and host-based security logs across various computing environments (on-premise, cloud, SaaS, etc.) and determine the correct remediation actions and escalation paths for each incident.
- Configure, implement, and optimize security protection and detection capabilities such as vulnerability scanning, configuration compliance scanning, firewall reviews, intrusion prevention/detection systems, internet protection and log management infrastructure.
- Instrument systems and applications to detect and alert on attacks, and coordinate security tooling and automation to automate detection, escalation and remediation. Perform risk analysis of vulnerabilities and threats, and evaluate the efficiency of existing protection and detection mechanisms.
- Work with our infrastructure and applications teams to reduce the attack surface and harden configurations, architectures and data storage structures. Design, develop and implement automated incident response methodologies.
- Conduct incident response exercises and cyber defense drills to evaluate and improve processes related to threat detection, incident response, patching and remediation. Provide information regarding intrusion events, security incidents, and other threat indications and warning information to teams and leadership as part of incident response.
- Author post mortem reports to be provided to senior leadership following an intrusion or red team engagement.
- Perform threat hunting exercises using threat intelligence, analysis of anomalous log data and results of historical events and data to detect and respond to threats. Maintain awareness of new and emerging security threats.
- Develop anomaly detection dashboards and reports to identify potential threats, suspicious activity and intrusions. Research industry trends, identify ongoing security threats, analyze new security testing tools, and provide recommendations on the need for and usefulness of services and/or products. Gather threat intelligence and build, optimize, and develop systems for effective and efficient security response. Consult and provide risk management recommendations and cost analysis based on the environment. Develop and design technical recommendations, and execute remediation and mitigation strategies.
Security and compliance operations:
- Perform daily operations and execution of security-related tools, processes and controls related to security prevention and defense initiatives. Support solutions such as network proxies, intrusion detection/prevention systems, remote access, multi-factor authentication, security ev
- Help coordinate and drive remediation of identified risks and control deficiencies. Serve as technical and functional subject matter expert across multiple security domains, raising awareness and communicating security risks within the company. Support and participate in incident response and technical investigations, as needed.
Provide prompt, courteous and professional customer service, and collaborate with business and technology staff to support Meredith Corporation objectives.
Effectively communicate security concepts with both technical and non-technical individuals.
III. Minimum Qualifications and Job Requirements | All must be met to be considered.
Bachelor’s Degree in Information Assurance, Computer Science, Engineering or equivalent education and experience.
Beneficial: Industry certification such as CISSP, GCIA, GCIH, GPEN, GCFA, CEH, CISA, or CISM
Minimum 6 years in Information Security including 3 years’ experience as a member of a Security Operations Center (SOC) or investigating security incidents.
Specific Knowledge, Skills and Abilities:
- Working knowledge of IT environments including IT secure architecture, security technologies, security industry trends and direction, system and technology integration, audits, internet security, computer crimes and IT standards, procedures and policies.
- Experienced working within a fast-paced incident response team with knowledge of log correlation, forensics, security vulnerabilities and exploits.
- Experienced deploying security solutions and architecting detection and response solutions to mature capabilities.
- Deep understanding of threats, threat actors, and indicators of compromise.
- Experienced with maturing strategic and tactical aspects of the Threat Intelligence program.
- Knowledge of the chain of custody process and properly securing evidence.
- Understanding of OWASP top 10, SANS top 25, and other attack vectors.
- Experience with various scripting and programming languages.
- Basic knowledge of IT audit and control, governance, asset management, software licensing, product and vendor evaluation, and training delivery.
- Working knowledge of IT systems management including change control, software process improvement, and technical writing/documentation.
- Experience with regulatory requirements related to SOX, GDPR and PCI.