Full Job Description
The RealPage Information Security Operations team monitors and manages risks associated with threats and vulnerabilities faced by our infrastructure, platforms, and systems. We work closely with our teammates from IT, Product Development, and across the business to coordinate and execute our vulnerability management and incident response strategies and capabilities. We work with industry-leading tools and implement creative solutions to complex problems.
WHAT YOU’LL DO:
As an Incident Response analyst, you will work directly with our security teams and partners across IT and the Application teams to contain and remediate security incidents and to design solutions that improve the overall security architecture for the enterprise. Success in this role will be determined by your deep analytical expertise, including deep packet analysis, malware analysis, deobfuscation skills, insights into endpoint analytics, and detailed log analysis. You will be called upon to flex your offensive security skills in order to drive rapid containment and remediation of security incidents, as well as your interpersonal skills to coordinate response with your teammates. Broad experience with security analytics, including host logs, endpoint investigations, and network analysis, is critical for this role. After-hours/overnight shift work may be required.
PRIMARY RESPONSIBILITIES:
Develop, communicate, and manage Incident Response processes, guidelines, and standards
Develop and implement security monitoring use cases driven by threat intelligence
Conduct periodic threat hunting exercises to actively discover suspicious activity across the enterprise
Conduct periodic exercises to test the effectiveness of process and controls
Collect and analyze key data and telemetry during a security incident
Coordinate containment and remediation tasks with cross-functional teams
Complete all required incident documentation and reporting within established timeframes
Drive improvements as a result of incident lessons learned
Implement automation in order to improve incident analysis and response.
Align process and outcomes to applicable regulations and cybersecurity frameworks.
REQUIRED KNOWLEDGE/SKILLS/ABILITIES:
Bachelor’s degree and up to 4 years of experience in Information Security and Cyber Security space. Additional relevant experience and professional certifications will be considered in lieu of a degree.
Understanding of host-based and network security logging
Experience in usage of enterprise security solutions.
Understanding related to security encompassing end point technologies, applications, application hosting, physical and virtual data center hosting.
Experience with security practices such as security incident response and risk management.
Excellent verbal and written communication skills with a wide range of audiences including technologists, executives, business stakeholders and IT team members.
Must be a critical thinker with strong problem-solving skills.
Knowledge and understanding of relevant legal and regulatory requirements.
Accustomed to information security risk assessment processes
Knowledge of information security management frameworks, such as ISO 27001, ITIL, COBIT or NIST.
High level of personal integrity, and the ability to professionally handle confidential matters and show an appropriate level of judgment and maturity.
High degree of initiative, dependability and ability to work with little supervision.
Ability to think at the systems/architecture level, i.e., how all the parts of the solution fit together, not just design at the element level.
Proven ability in security process and organizational design; Current understanding of Industry trends and emerging threats; and knowledge of incident response methodologies and technologies.
PREFERRED KNOWLEDGE/SKILLS/ABILITIES:
Degree in applicable field
Professional information security certification, such as GCIA, GCIH, or OSCP
Knowledge of common security frameworks and regulations including FFIEC, NYDFS and NIST Cybersecurity Framework
In-depth and hands-on experience with Security Analytics and Incident Response
Knowledge of scripting languages (e.g., Bash, Python)
WHAT WE OFFER:
At RealPage, we’re always looking for talented professionals who thrive in a learning work environment that continually supports individual greatness. We foster a culture of innovation and creativity. It is the things you do that bring out the best of you and RealPage.
RealPage considers qualified applicants without regard to gender, sexual orientation, gender identity, religion, race, national origin, age, veteran, or disability status. We celebrate diversity and are committed to building an inclusive work environment where all teammates feel a sense of belonging while bringing their authentic self to the table and being valued for it.