SOC Security Analyst - Senior

POSITION OVERVIEW

Fidelity National Financial (FNF) is looking for a Senior SOC Security Analyst to join the Security Operations Center (SOC) team and support threat detection and incident response (IR) for FNF and its subsidiary environments. Transforms security operations, leverages advanced security technologies, automation, and AI to protect one of the leading Title and Escrow providers in the Nation from cyber threats. Utilizes next gen XDR and SIEM capabilities to perform analysis on high fidelity alerts, proactive threat hunting and investigations on complex cyber events.

LOCATION

• This positions sits onsite at our HQ in Jacksonville, FL.
• Hybrid schedule with 2-3 days work from home. 

DUTIES & RESPONSIBILITIES               

• Owns and leads individual incident response activities by analyzing security alerts and coordinating responses. Perform in-depth event review and analysis where appropriate.  Analyze events, research the potential cause, and recommend a course of action
• Designs modern detective controls for emerging security risks and involved in innovative programs to enhance the firm’s security posture
• Hunts for indications of compromise across multiple technology platforms
• Continuously improves our alerting use cases and the threat hunting program
• Stays updated on the latest security trends, vulnerabilities, and threat actors to continually improve the organizations security posture
• Participates in on-call rotation schedule to provide 24/7 coverage for security incidents and emergencies
• Documents/generates reports detailing security incidents for security leaders and the business
• Conducts postmortem reviews of incident response (IR) activities, to facilitate continuous improvement
• Researches security trends with the goal of improving our processes and tools

MINIMUM REQUIREMENTS

• Bachelor's degree in computer science or related field
• Requires 5 – 7+ years of experience working in a Security Operations role
• Threat hunting experience
• Familiarity with known cyber security frameworks including NIST and Mitre, ATT&CK, and fundamentals of kill chain analysis
• Hands-on working knowledge of Cortex XDR and/or XSIAM

PREFERRED EXPERIENCE

• Familiarity with the principles of network and endpoint security, current threat, and attack trends, and have working knowledge of security principles such as “defense in depth”
• Familiarity with performing security Incident Response (IR) activities in complex organizations, with familiarity of the following: Endpoint Detection and Response (EDR) or Endpoint Forensics, Network Log Analysis, Public Cloud Defense (Azure, AWS, GCP, etc.)
• Relevant industry certifications such as CISSP, GIAC, or CEH
• Scripting knowledge (Python, PowerShell, etc.)
• Forensic knowledge
• Ability to assess and prioritize risks associated with alerts and events based on both industry knowledge and organizational context
• Excellent analytical and problem-solving skills
• Strong communication skills, both spoken and written