Senior Information Security Analyst

Dolby Sound San Francisco , CA 94118

Posted 8 months ago

Join the leader in entertainment innovation and help us design the future. At Dolby, science meets art, and high tech means more than computer code. As a member of the Dolby team, you'll see and hear the results of your work everywhere, from movie theaters to smartphones. We continue to revolutionize how people create, deliver, and enjoy entertainment worldwide. To do that, we need the absolute best talent. We're big enough to give you all the resources you need, and small enough so you can make a real difference and earn recognition for your work. We offer a collegial culture, challenging projects, and excellent compensation and benefits.

Summary

Dolby's Information Security Team promotes, develops, and implements various solutions to maintain a proactive approach to securing the organization. This includes leveraging best practice techniques and controls to continually improve our overall security posture.

As a Senior Information Security Analyst, you will:

  • Help protect proprietary information, user data, keep computer systems clean, implement security improvements, and provide a safe network environment for our users.

  • Work with infrastructure operations teams to ensure security appliances are configured to protect against various threats.

  • Be responsible for monitoring security information in a global environment, identifying threats, and taking actions on alerts.

  • Support penetration testing and vulnerability initiatives throughout the organization, mainly at the direction of IT management.

  • Mentor and collaborate with junior IT staff.

This position reports directly to the Cyber Defense Manager.

Essential Job Functions

  • Incident Detection and Response:

  • Monitor and respond to alerts generated by various security tools

  • Investigate intrusion attempts and perform in-depth analysis of exploits

  • Identify internal and external threats that could result in unauthorized disclosure, misuse, alteration, or destruction of information assets

  • Conduct proactive threat research

  • Analyze a variety of network and host-based security appliance logs to determine the correct remediation actions and escalation paths for each incident

  • Create incident reporting detailing incident events and lead post mortem reviews

  • Document all activities during an incident and providing leadership with status updates during the life cycle of the incident

  • Independently follow procedures to contain, analyze, and eradicate malicious activity

  • Cyber Defense Strategy:

  • Recommend security controls and or corrective actions for mitigating technical and business risk

  • Design and implement improvements for various security platforms

  • Research, evaluate, and recommend information-security-related hardware and software, including developing business cases for security investments

  • Assist in the creation, coordination, and completion of information security operations documentation

  • Security Operations:

  • Provide timely reporting to key stakeholders

  • Assist in and perform assessments on emerging technologies and legacy processes

  • Complete various aspects of vulnerability assessment, vulnerability management, configuration and patch verification, and compliance oversight

  • Produce vulnerability, configuration, and coverage metrics and reporting to demonstrate assessment coverage and remediation effectiveness

  • Assist with the development of processes and procedures to improve incident response times, analysis of incidents, and overall security operations functions

  • Provide information security subject matter expertise by consulting with IT teams and business units on information security inquiries and project support

Knowledge, Skills, Experience, and Education Required

  • Experience with cybersecurity methodologies, tactics, techniques, processes, and procedures

  • Candidate must be able to react quickly, decisively, and deliberately in high stress situations

  • Artful communication skills and organizational savvy to steer peers and leadership toward solutions that carefully balance business, risk, compliance, and engineering concerns

  • Candidate must have effective critical thinking skills to adapt to a rapidly changing threat landscape

  • Eagerness to challenge the status quo balanced with a reasonable and methodical approach to effecting change

Knowledge, Skills, Experience, and Education Preferred

  • Degree in information assurance, computer science, information systems security or other technology related field from an accredited institution

  • Experience with network, SIEM, endpoint and cloud security tools

  • Experience with security automation methodologies and solutions

  • Knowledge of malware analysis tactics and techniques

  • Experience with developing and implementing machine and deep learning functions

  • Experience reviewing and analyzing network packet captures

  • Familiarity with threat intelligence toolsets and standards

  • Experience performing security/vulnerability reviews of network, server, and endpoint environments

  • Understand vulnerability assessments and has experience facilitating red-teaming, and penetration testing used to identify weaknesses and countermeasures

  • Understand attack surface reviews and multi-layer defense systems to prevent exploits, detect and intercept attacks, and discover threat agents

  • Familiarity with leveraging various API's to gather information and perform actions

  • Experience with enterprise anti-virus solutions, virus outbreak management, and the ability to differentiate virus activity from directed attack patterns

  • Experience programming with Python, R, Shell Scripting, and/or other languages

  • Experience with various vulnerability scanning and management tools

  • Industry recognized professional certification such as CISSP, GCIH, GCIA, or equivalent

  • Experience with security in the software industry or focus on IP protection

  • Experience in working for or with Managed Security Service Providers

  • Experience working with incident response and vulnerability management teams

Dolby will consider qualified applicants with criminal histories in a manner consistent with the requirements of San Francisco Police Code, Article 49, and Administrative Code, Article 12

Equal Employment Opportunity:

Dolby is proud to be an equal opportunity employer. Our success depends on the combined skills and talents of all our employees. We are committed to making employment decisions without regard to race, religious creed, color, age, sex, sexual orientation, gender identity, national origin, religion, marital status, family status, medical condition, disability, military service, pregnancy, childbirth and related medical conditions or any other classification protected by federal, state, and local laws and ordinances.

#LI-SX1


icon no score

See how you match
to the job

Find your dream job anywhere
with the LiveCareer app.
Mobile App Icon
Download the
LiveCareer app and find
your dream job anywhere
App Store Icon Google Play Icon
lc_ad

Boost your job search productivity with our
free Chrome Extension!

lc_apply_tool GET EXTENSION

Similar Jobs

Want to see jobs matched to your resume? Upload One Now! Remove
Risk & Advisory Senior Security Analyst

Cbiz, Inc.

Posted 1 week ago

VIEW JOBS 10/12/2019 12:00:00 AM 2020-01-10T00:00 With over 100 offices and nearly 5,000 associates in major metropolitan areas and suburban cities throughout the U.S. CBIZ (NYSE: CBZ) delivers top-level financial and employee business services to organizations of all sizes, as well as individual clients, by providing national-caliber expertise combined with highly personalized service delivered at the local level. CBIZ has been honored to be the recipient of several national recognitions: 2019 America's Best Mid-Size Employers by Forbes, 2019 Best Workplaces in Consulting & Professional Services by Great Place to Work® and FORTUNE, 2019 Workplace Excellence Seal of Approval by the Alliance for Workplace Excellence, and one of the Top 101 highest scoring companies in the country for Best and Brightest Companies to Work For in the Nation by the National Association for Business Resources. CBIZ Risk & Advisory Services offers leading edge assurance and consulting services to help organizations navigate the perils of controlling a business in turbulent times. As part of CBIZ, the nation's eighth largest financial services provider in the country, CBIZ Risk & Advisory Services provides risk, internal control, internal audit, anti-fraud, and IT audit services to leading businesses across North America. Our San Francisco, CA office is currently hiring for a Senior Security Analyst. Essential Functions and Primary Duties: * Serve as a senior security analyst to manage teams of security analysts. * Leverage vast, detailed expertise in security disciplines and security principles, concepts, policy, and regulations. * Identify key concepts, factors, and risks based on conversations and document reviews, and document these in clear and concise narratives or graphical reports. * Work in a fast-paced environment with little supervision, maintain high organizational oversight to ensure task completion, and maintain compliance standards with local and federal cybersecurity regulations. * Analyze business and user needs, document requirements, and revise existing system logic difficulties, as necessary. * Review current security and privacy policies and procedures and write new policies and procedures based on client's requirements and NIST framework * Work with clients to mitigate cyber risk and threats * Design/review policies and procedures that support the successful implementation of cyber security programs * Guide and advise junior security analysts. Minimum Qualifications: * Critical and analytical thinking skills * Experience in delivering technical and governance guidance related to enhancing the security posture of information systems * Experience with using analytical techniques to assess system and audit issues and develop risk mitigation recommendations * Experience in the roll out of the security governance model, establishing policies, standards and best practices * Experience with National Institute of Standards and Technology (NIST) security controls and security Governance, Risk Management, and Compliance (GRC) processes * Excellent presentation, verbal and written communication skills; comfortable with leading discussions and/or training sessions * Possession of excellent client relationship and interpersonal skills * Possession of excellent time management skills to identify and prioritize tasks * Two or more years of professional experience related to information security, IT audit or risk management Preferred Qualifications: * Experience with Factor Analysis of Information Risk (FAIR) methodology * Experience with RSA Archer software * Possession of excellent oral and written communication skills * CISSP, CISA and OpenFAIR Certification desired Cbiz, Inc. San Francisco CA

Senior Information Security Analyst

Dolby Sound