Senior Security Analyst

JOB_REQUIREMENTS

Hires in

Not specified

Employment Type

Not specified

Company Location

Not specified

Salary

Not specified

Senior Security Analyst

- - - - - - - - - - - -

Core Technical Competencies:

Operating Systems Expertise: In-depth knowledge of Red Hat Enterprise Linux (RHEL), CentOS, Ubuntu, and Windows Server (2016, 2019, 2022).
Infrastructure as Code (IaC): Proficient in using IaC tools such as Terraform, CloudFormation, and Ansible for effective infrastructure management.
CI/CD Tools: Hands-on experience with CI/CD tools, including Jenkins, GitHub Actions, GitLab CI/CD, and Azure DevOps, for automating deployment processes.
Containerization and Microservices: Familiarity with container technologies (Docker, Kubernetes) and principles of microservices architecture.
Automation Frameworks: Ability to design automation frameworks and develop/execute test scripts to facilitate security testing and compliance.
Scripting Proficiency: Preferred experience with scripting languages such as PowerShell, Python, Ansible, or Bash for automating security tasks.
Policy Compliance Knowledge: Extensive understanding of compliance policies related to Windows Server operating systems, security settings, and OS hardening practices.
Technical Expertise: Serve as a technical expert in cybersecurity matters, providing guidance and resolving complex security issues for other teams.
Tool Experience: Familiarity with tools such as EGP, ServiceNow, Grafana, OCS, and cloud posture management tools for security monitoring and management.
Adaptability: Ability to learn new tools, languages, and operating systems quickly through training and practical experience.
Mentorship Role: Provide technical direction and support, acting as a mentor to junior analysts and team members in security operations.

Skills and Experience:

In-depth expertise in IT infrastructure, with Level-3 proficiency in Linux administration and scripting capabilities, aimed at optimizing daily operations.
Over 5 years of experience in infrastructure security, with a focus on vulnerability management, cybersecurity management, and IT operations.
Proficient in cybersecurity tools and frameworks for endpoint security, patch management, and vulnerability scanning.
Strong monitoring skills for compliance activities across Windows and Linux systems, particularly in antivirus (TrendMicro) and vulnerability management.
High attention to detail, ensuring accuracy in documentation and processes.
Excellent communication skills to articulate systems, processes, and workflows to diverse audiences.
Familiarity with account revalidation activities and their related processes.

Key Responsibilities Specific to Michelin:

Develop Power BI dashboards, create PowerApps based on business needs, and utilize Power Automate for automating workflows related to legacy infrastructure activities.
Manage periodic account revalidation processes, ensuring compliance with MGSR guidelines, and automate end-to-end procedures where applicable.
Drive documentation initiatives for key security topics in collaboration with the DAP group security team.
Serve as the point of contact for Global Transversal in the monthly patch forum, handling exclusion requests.
Produce and automate Monthly Patching Reports and Server Reboot Reports.
Review operational documentation for coordination and format compliance, including Knowledge Base (KB) updates and resource planning for on-call support. Prepare documentation for KPI computations (SOP).
Implement Patching KPIs as expected by the SSI Team.
Act as the account manager for partners, approving account requests and deletions.
Contribute to internal control activities and the Middleware patching RACI & roadmap.
Manage ThreatCon alerts as reported by delivery partners.

Similar jobs