portal resources jobs companies c civis analytics security operations analyst ii

Security Operations Analyst Ii 🔥


What we do

Civis Analytics helps leading businesses, nonprofits, and government use data to identify, attract, and engage customers, constituents, and citizens. With a blend of proprietary data, technology and advisory services, and an interdisciplinary team of data scientists, developers, and survey science experts, Civis helps organizations stop guessing and start using statistical proof to guide decisions. Learn more about Civis at www.civisanalytics.com [1].

All employees either must be fully vaccinated against COVID-19, initiate vaccination before your start date, or file an exemption request prior to start date per company policy for review. Due to the uncertainty of COVID-19, all Civis offices are closed and employees are remote until further notice. This is being closely monitored as the situation evolves. Although it’s likely our offices will reopen, positions hired outside of Civis office locations will be remote roles.

Our mission

Our mission is to bring objective, data-driven truth to organizational decision-making – all the way from the boardroom to the world’s largest social causes.

What we are looking for

Civis is seeking a Security Operation Analyst II to join the Civis Security Operations Team.  This position will work with the Director of Information Security on setting and executing the Civis information security program and driving security solutions that meet key security program milestones and cost objectives. 

As a Security Operation Analyst II, you will be responsible for security operations, respond to security events and alerts, participate in incident response, and mature threat and vulnerability management to ensure Civis is adequately protected against internal and external threats, as well as operating in compliance with SOC2 and FedRAMP. 

We are looking for someone who is passionate about security operations and looking forward to implementing creative solutions to a wide variety of real-world technical issues. An ideal candidate would bring with them expertise in creative problem solving, the ability to work on multiple tasks in parallel, and ability to manage expectations in a fast-paced environment, all while maintaining a high quality of work. We are looking for an individual who can rapidly adapt and learn new technologies/concepts.

All employees either must be fully vaccinated against COVID-19, initiate vaccination before your start date, or file an exemption request prior to start date per company policy for review. Due to the uncertainty of COVID-19, all Civis offices are closed and employees are remote until further notice. This is being closely monitored as the situation evolves. Although it’s likely our offices will reopen, positions hired outside of Civis office locations will be remote roles.

Responsibilities

  • Investigate and respond to security events and alerts to determine correct remediation actions and escalation paths.
  • Work with incident response (IR) team members to gather forensic evidence for investigations and remediation.
  • Evaluate CVE for applicability and develop recommendation plans to eliminate potential or confirmed vulnerabilities. 
  • Participate in developing technical security plans, evaluating/reviewing existing infrastructure security configuration, and proposing improvements for future enhancements/solutions.
  • Develop, maintain and implement SOC playbook and documentation focused on improving detection, incident response time, analysis & resolution of incidents, and overall SOC functions. 
  • Participate in Plans of Action Milestones (POA&M).
  • Develop and refine SIEM correlation rules.
  • Perform continuous security assessments, report findings and provide recommendations to the Director of Information Security.

Required Qualifications

  • 3+ years of technical hands-on security operation experience.
  • Practical experience in implementing and monitoring information security compliance and frameworks (e.g., NIST CSF, CIS Top 20, FedRAMP, SOC2).
  • Hands-on technical experience with Sumo Logic and MITRE ATT&CK frameworks.
  • Foundational knowledge in information technology, including cloud services, hardware, networking, architecture, protocols, file systems, and linux operating systems.
  • Experience in handling security incidents and conducting investigations with little supervision.
  • Attention to details, and understanding how systems thinking can improve to make an impact with smart moves in people, processes, and technologies.
  • Ability to work rapidly with the pressure of completing deadlines and frequent interruptions in a fast-paced team environment.
  • Ability to support Civis SOC as needed to support 24/7 coverage.
  • Provide emergency on-call support on a rotating schedule.
  • Excellence in documentation of policies, procedures, and guidelines.
  • Strong problem-solving and process improvement skills. 
  • Excellent verbal and written communication skills.

 

Preferred Qualifications

  • Relevant industry cloud certification is a plus.
  • Experience with AWS cloud security is a plus.
  • Experience with SaaS products is a plus.
  • Experience with at least one scripting language (i.e. Ruby, Javascript, Python, Bash) is a plus; ideally Python.
  • Experience with log, malware and forensic analysis.
  • Experience assessing and auditing network penetration testing, endpoint security planning, risk analysis and incident response.
  • Ability to comfortably collaborate across IT disciplines and teams including third parties and be able to provide constructive input.
  • Experience applying security risk assessment methodology to system development, including threat model development, vulnerability assessments, and resultant security risk analysis.
  • Demonstrated ability to translate requirements into design and subsequent solution build.

Who we are

At Civis, we have opportunities for applicants who are newcomers, seasoned professionals, and anywhere in between. Our teams are energized by complex challenges and value diversity of thought. Opportunities to stand out and inspire happen daily and we trust and encourage you to act on your ideas – no matter how big they are. We offer you the tools and community you need to do your best work. Each of us is committed to holding ourselves accountable for results, challenging the status quo and finding new ways to grow our company and each other.

Why join our team?

  • The opportunity to be part of a growing tech startup focused on solving interesting and meaningful problems, invested in internal promotion, and committed to fostering a diverse, equal and inclusive workplace. 
  • Competitive benefits, including unlimited PTO, 401K match with immediate vesting, health, dental, and vision benefits, fully paid parental leave, breastfeeding support including breastmilk shipping services for traveling moms, commuter benefits, wellness initiatives including weekly group meditations, monthly on-site massage therapy, and pet insurance.

  • To support employees in our now fully remote work environment, we also have expanded our virtual journal and book clubs, Donut Pals (organized virtual coffee meet-ups), Lightning Talks (5-minute presentations on anything you’d like), Lunch-and-Learns, and HR Open Discussions (bi-weekly meet-up where we discuss ideas and topics of the day in a casual format). We are also able to support and accommodate flexible work from home schedules to help employees juggle responsibilities at home.

Civis Analytics embraces the individuality of our employees and we celebrate each other's differences. Our products, services, and culture benefit from and thrive on the unique perspectives brought by each person in our community. We're proud to be an equal opportunity workplace, and we are committed to equal employment opportunity regardless of race, age, sex, color, ancestry, religion, national origin, sexual orientation, gender identity, citizenship, marital status, disability, or Veteran status. If you have a disability or special need that requires accommodation, please contact internalrecruiting@civisanalytics.com

In compliance with federal law, all persons hired will be required to verify identity and eligibility to work in the United States.

EEO IS THE LAW [2]

EEO Supplement [3]

Pay Transparency [4]


  1. http://www.civisanalytics.com/
  2. https://www.dol.gov/ofccp/regs/compliance/posters/pdf/eeopost.pdf
  3. https://www.dol.gov/ofccp/regs/compliance/posters/pdf/OFCCP_EEO_Supplement_Final_JRF_QA_508c.pdf
  4. https://www.dol.gov/ofccp/pdf/pay-transp_English_unformattedESQA508c.pdf

Let us send you new openings similar to Security Operations Analyst Ii straight to your Inbox. Weekly or Daily. 7-day free trial đź’Ś

The ability to work remotely increases employee happiness by 20 percent.