Security Operations Center Analyst

Our story

At Alight, we believe a company’s success starts with its people. At our core, we Champion People, help our colleagues Grow with Purpose and true to our name we encourage colleagues to Be Alight.

Our Values :

Champion People be empathetic and help create a place where everyone belongs.

Grow with purpose Be inspired by our higher calling of improving lives.

Be Alight act with integrity, be real and empower others.

It’s why we’re so driven to connect passion with purpose. Our team’s expertise in human insights and cloud technology gives companies and employees around the world the ability to power confident decisions, for life.

With a comprehensive total rewards package, continuing education and training, and tremendous potential with a growing global organization, Alight is the perfect place to put your passion to work.

Join our team if you Champion People, want to Grow with Purpose through acting with integrity and if you embody the meaning of Be Alight.

Learn more at careers.alight.com.

The Alight Global Security Operations team is seeking an experienced Security Operations Center Analyst. This role will require the right colleague to serve as a tactical and operational technical resource and to provide awareness of, and response to security incidents.

In addition, this role will require the utilization and integration of threat intelligence to proactively hunt for and address threats and trends in direct partnership with Alight’s business and technology organizations.

You will also be expected to promote team spirit and enthusiasm, dispelling negativity, maintaining ongoing open dialog, and fostering ideas and talents of others.

This role is assigned to our evening shift 3 pm - 11 pm CST and will offer 10% Shift Differential Pay

As a Security Operations Center Analyst, a typical day to include the following :

• Work as part of a team of Information Security professionals supporting a global enterprise.
• Triage and respond to information security incidents reported via SIEM (Sentinel), ticketing system (ServiceNow), nd other sources.
• Perform root cause analysis, document findings and collaborate with technology / process owners to prevent future occurrences.
• Research, analyze and understand log sources originating from security and networking devices such as firewalls, routers, proxy, anti-virus products, and operating systems.
• Automate manual processes via scripting and utilization of various tools and platforms.
• Perform raw data review in an effort to identify malicious activity for which signatures / content do not exist. Assist with the development of new content and tuning / filtering of existing content for SIEM, IDS / IPS, and other security technologies.
• Assist management in ensuring the team is executing on core responsibilities such as working incidents through to completion, ticket queue maintenance, documentation evergreen, training requirements, etc
• Work with management to define / update standard operating procedures and response plans.
• Serve as an escalation point for security incidents.
• Manage or contribute to projects that directly correspond to the maturity and / or capabilities of the Security Operations team.

Qualifications

• Direct involvement with Microsoft Azure Sentinel, Microsoft Threat Protection suite of security solutions (Defender ATP, Azure ATP, Office 365 ATP, Microsoft Cloud Application Security), Azure Active Directory, Azure Security Center, Azure Log Analytics, Azure Data Exchange and M365 suite of solutions.
• Hands-on experience for the following : Develop, automate, and orchestrate tasks(playbooks) with logic apps based on certain eventsConfigure Sentinel Incidents, Workbooks, Hunt queries, NotebooksKusto Query Language (KQL).
• Knowledge of computer networking : TCP / IP, routing and protocols.
• Knowledge of packet structure and previous experience performing in-depth packet analysis.
• Knowledge of Incident Response methodologies and information security best practices / technologies. GCIH, GCIA, CISSP or equivalent knowledge / experience required.
• Knowledge regarding the administration, use, securing and exploitation of common operating systems.
• Minimum of 2 years’ experience utilizing HIDS / NIDS, SIEM, anti-virus, packet capture tools, host based analysis technologies in a security analyst capacity;

preferably within a 24x7x365 operations environment.

• Must be willing to work 2nd shift; and work off hours in response to larger events.
• Minimum of 2 years’ experience analyzing log sources originating from security and networking devices such as firewalls, routers, proxy, anti-virus products, and operating systems required.
• Strong proficiency with Windows and Unix / Linux command line.
• Expert knowledge of obfuscation techniques used to encode / encrypt malicious traffic / data.
• Familiarity with a standardized incident response framework (SANS / NIST).
• Research and analytical background and an analytical approach; especially with respect to event classification, event correlation, and root cause analysis.
• Scripting experience with Python, Perl, SQL, and / or PowerShell required.
• Experience driving vendors and co-sourcing partners to successfully resolve problems.
• Must be able to react quickly, decisively, and deliberately in high stress situations.
• High level of ethics and core values.
• A strong passion for learning.
• Strong verbal / written communication and interpersonal skills are required to document and communicate findings, escalate critical incidents, and interact with customers.
• Willingness to serve as a member of an Incident Response Team (IRT) which may require responding to emergency calls during non-business hours.
• Highly motivated individual with the ability to self-start, prioritize, and multi-task.

Flexible Working

So that you can be your best at work and home, we consider flexible working arrangements wherever possible. Alight has been a leader in the flexible workspace and Top 100 Company for Remote Jobs 5 years in a row.

Benefits

We offer programs and plans for a healthy mind, body, wallet and life because it’s important our benefits care for the whole person.

Options include a variety of health coverage options, wellbeing and support programs, retirement, vacation and sick leave, maternity, paternity & adoption leave, continuing education and training as well as a number of voluntary benefit options.

By applying for a position with Alight, you understand that, should you be made an offer, it will be contingent on your undergoing and successfully completing a background check consistent with Alight’s employment policies.

Background checks may include some or all the following based on the nature of the position : SSN / SIN validation, education verification, employment verification, and criminal check, search against global sanctions and government watch lists, credit check, and / or drug test.

You will be notified during the hiring process which checks are required by the position.

Our commitment to Diversity and Inclusion

Alight is committed to diversity, equity, and inclusion. We celebrate differences and believe in fostering an environment where everyone feels valued, respected, and supported.

We know that diverse teams are stronger, more innovative, and more successful.

At Alight, we welcome and embrace all individuals, regardless of their background, and are dedicated to creating a culture that enables every employee to thrive.

Join us in building a brighter, more inclusive future.

Diversity Policy Statement

Alight is an Equal Employment Opportunity employer and does not discriminate against anyone based on sex, race, color, religion, creed, national origin, ancestry, age, physical or mental disability, medical condition, pregnancy, marital or domestic partner status, citizenship, military or veteran status, sexual orientation, gender, gender identity or expression, genetic information, or any other legally protected characteristics or conduct covered by federal, state or local law.

In addition, we take affirmative action to employ and advance in the employment of qualified minorities, women, disabled persons, disabled veterans and other covered veterans.

Alight provides reasonable accommodations to the known limitations of otherwise qualified employees and applicants for employment with disabilities and sincerely held religious beliefs, practices and observances, unless doing so would result in undue hardship.

Applicants for employment may request a reasonable accommodation / modification by contacting his / her recruiter.

Authorization to work in the Employing Country

Applicants for employment in the country in which they are applying (Employing Country) must have work authorization that does not now or in the future require sponsorship of a visa for employment authorization in the Employing Country and with Alight.

Note, this job description does not restrict management's right to assign or reassign duties and responsibilities of this job to other entities;

including but not limited to subsidiaries, partners, or purchasers of Alight business units.

LI-Remote p&tjobs

We offer you a competitive total rewards package, continuing education & training, and tremendous potential with a growing worldwide organization.

Salary Pay Range

Minimum : 72,200 USD

72,200 USD

Maximum : 114,500 USD

114,500 USD