Join the leader in entertainment innovation and help us design the future. At Dolby, science meets art, and high tech means more than computer code. As a member of the Dolby team, you'll see and hear the results of your work everywhere, from movie theaters to smartphones. We continue to revolutionize how people create, deliver, and enjoy entertainment worldwide. To do that, we need the absolute best talent. We're big enough to give you all the resources you need, and small enough so you can make a real difference and earn recognition for your work. We offer a collegial culture, challenging projects, and excellent compensation and benefits.
Dolby's Information Security Team promotes, develops, and implements various solutions to maintain a proactive approach to securing the organization. This includes leveraging best practice techniques and controls to continually improve our overall security posture.
As a Senior Information Security Analyst, you will:
Help protect proprietary information, user data, keep computer systems clean, implement security improvements, and provide a safe network environment for our users.
Work with infrastructure operations teams to ensure security appliances are configured to protect against various threats.
Be responsible for monitoring security information in a global environment, identifying threats, and taking actions on alerts.
Support penetration testing and vulnerability initiatives throughout the organization, mainly at the direction of IT management.
Mentor and collaborate with junior IT staff.
This position reports directly to the Cyber Defense Manager.
Essential Job Functions
Incident Detection and Response:
Monitor and respond to alerts generated by various security tools
Investigate intrusion attempts and perform in-depth analysis of exploits
Identify internal and external threats that could result in unauthorized disclosure, misuse, alteration, or destruction of information assets
Conduct proactive threat research
Analyze a variety of network and host-based security appliance logs to determine the correct remediation actions and escalation paths for each incident
Create incident reporting detailing incident events and lead post mortem reviews
Document all activities during an incident and providing leadership with status updates during the life cycle of the incident
Independently follow procedures to contain, analyze, and eradicate malicious activity
Cyber Defense Strategy:
Recommend security controls and or corrective actions for mitigating technical and business risk
Design and implement improvements for various security platforms
Research, evaluate, and recommend information-security-related hardware and software, including developing business cases for security investments
Assist in the creation, coordination, and completion of information security operations documentation
Provide timely reporting to key stakeholders
Assist in and perform assessments on emerging technologies and legacy processes
Complete various aspects of vulnerability assessment, vulnerability management, configuration and patch verification, and compliance oversight
Produce vulnerability, configuration, and coverage metrics and reporting to demonstrate assessment coverage and remediation effectiveness
Assist with the development of processes and procedures to improve incident response times, analysis of incidents, and overall security operations functions
Provide information security subject matter expertise by consulting with IT teams and business units on information security inquiries and project support
Knowledge, Skills, Experience, and Education Required
Experience with cybersecurity methodologies, tactics, techniques, processes, and procedures
Candidate must be able to react quickly, decisively, and deliberately in high stress situations
Artful communication skills and organizational savvy to steer peers and leadership toward solutions that carefully balance business, risk, compliance, and engineering concerns
Candidate must have effective critical thinking skills to adapt to a rapidly changing threat landscape
Eagerness to challenge the status quo balanced with a reasonable and methodical approach to effecting change
Knowledge, Skills, Experience, and Education Preferred
Degree in information assurance, computer science, information systems security or other technology related field from an accredited institution
Experience with network, SIEM, endpoint and cloud security tools
Experience with security automation methodologies and solutions
Knowledge of malware analysis tactics and techniques
Experience with developing and implementing machine and deep learning functions
Experience reviewing and analyzing network packet captures
Familiarity with threat intelligence toolsets and standards
Experience performing security/vulnerability reviews of network, server, and endpoint environments
Understand vulnerability assessments and has experience facilitating red-teaming, and penetration testing used to identify weaknesses and countermeasures
Understand attack surface reviews and multi-layer defense systems to prevent exploits, detect and intercept attacks, and discover threat agents
Familiarity with leveraging various API's to gather information and perform actions
Experience with enterprise anti-virus solutions, virus outbreak management, and the ability to differentiate virus activity from directed attack patterns
Experience programming with Python, R, Shell Scripting, and/or other languages
Experience with various vulnerability scanning and management tools
Industry recognized professional certification such as CISSP, GCIH, GCIA, or equivalent
Experience with security in the software industry or focus on IP protection
Experience in working for or with Managed Security Service Providers
Experience working with incident response and vulnerability management teams
Dolby will consider qualified applicants with criminal histories in a manner consistent with the requirements of San Francisco Police Code, Article 49, and Administrative Code, Article 12
Equal Employment Opportunity:
Dolby is proud to be an equal opportunity employer. Our success depends on the combined skills and talents of all our employees. We are committed to making employment decisions without regard to race, religious creed, color, age, sex, sexual orientation, gender identity, national origin, religion, marital status, family status, medical condition, disability, military service, pregnancy, childbirth and related medical conditions or any other classification protected by federal, state, and local laws and ordinances.