Security Operations Analyst
Unity's Security Operations (SecOps) team takes a different approach to security monitoring and response. Instead of hiring traditional 'Analysts' who mainly triage automated findings and follow runbooks, we recruit individuals who have the skills and the desire to assume greater responsibility. Existing employees who fill this same role universally describe this as the favourite and most fulfilling job they've ever had.
As the first of three Security Operations and Incident Response Analysts we'll be hiring in Copenhagen, you'll have a large role in screening and interviewing applicants for the other two positions. You will regularly have the opportunity to meet with, and present to, Unity's Chief Security Officer and Chief Privacy Officer. You'll work closely with your peers in Copenhagen, but also with our U.S.-based team; we have crafted our team structure and procedures specifically so that no one in this role is ever left on their own, without support or backup.
We will jointly build and maintain a career development plan, and work together to ensure that you're making regular progress towards your goals. This includes training, conferences, and, whenever possible, the projects and tasks that you are assigned to.
What you’ll be doing
- Analyzing metrics, incident data, and new log sources to find opportunities for new alerts, and then writing those alerts
- Identifying ad hoc response procedures that can be routinized and then automated, and then authoring that automation
- Leading and participating in investigations of possible security incidents, diving as deeply into the technical details as your knowledge and interest allow
- Keeping informed about industry standard methodologies and trends in Security, Monitoring, Response, Threat Intel, and Forensics, and then making recommendations about products and procedures we should adopt
- Learning to think at a strategic level that encompasses more than just technical and security concerns, and then applying that perspective to make risk assessments and drive incident response decisions
What we’re looking for
- Experience as a Security Analyst or in a similar role in a Security Operations Center
- Experience writing detections/alerts, and/or automated or manual runbooks
- Experience with one or more Cloud platforms
- An abiding curiosity about Security, as shown in your resume, course selection, or non-work related projects
- A desire to help craft the Security Operations team's vision, culture, tool selection, methods and procedures
- A preference for working collaboratively, with a natural inclination to take pride in mentoring and helping others to succeed
You might also have
- Experience with the Elastic stack and/or XSOAR
- Experience with forensics and at least one forensics tool, such as Magnet
- Experience with Threat Intelligence and several Threat Intelligence feeds