SOC Analyst

**OPENTEXT - THE INFORMATION COMPANY**

As the Information Company, our mission at OpenText is to create software solutions and deliver services that redefine the future of digital. Be part of a winning team that leads the way in Enterprise Information Management.

OpenText enables the digital world by simplifying, transforming, and accelerating enterprise information needs, on premises or in the cloud. We embrace all things digital and are committed to being the Best Place to Work for our Employees in over 140 locations around the world.

We obsess over our customers to ensure they are wildly successful in embracing the Digital World. Our customers entrust us with their most important information, we need to be their most trusted partner. What we do, we do well. What we create, we do purposefully to impact the world. If you believe in this and are passionate about enabling the Digital World, then let OpenText turn your career vision into reality.

**THE OPPORTUNITY**:
The Lead Security Analyst will understand a wide array of security processes and concepts and have a strong SOC background. In this role the Lead Security Analyst will be involved in monitoring, responding, and protecting (IRAP - Information Security Registered Assessors Program) information assets by working collaboratively with internal teams, SMEs, external customers, auditors, and other stakeholders. The Lead Security Analyst will perform various duties including: SIEM and security monitoring, alarm triage, incident handling, log analysis. This is a hands-on role that will create, maintain, and follow detailed operational processes and procedures to appropriately analyze, escalate, and assist in remediation of information security incidents. This role will also proactively search for, and handle, threats, and abnormal activities within the environment.

**This position will require to undergo a Security Screening with the Government of Australia for Negative Vetting Level 1 (NV1), which provides “secret” level clearance to work on government contracts to access information and assets under IRAP.**

**YOU ARE GREAT AT**:

- Security monitoring, managing security cases & tickets, security incident analysis, and other security tasks.
- Analyzing a variety of security logs to identify actionable events (SIEM reports-alerts-tickets, system, network, security monitoring tools)
- Responding to incidents varying from endpoint to server systems
- Conducting security reviews, risk analysis, and controls reviews in adherence to security policy
- Researching security advisories, e.g., CERT, and delivering appropriate course of action
- Creating documentation to ensure all team members can perform required tasks
- Creating meaningful and detailed metrics based on security events or activities
- Collecting evidence and artifacts to meet compliance requirements (ISO, SOX, HIPAA, SOC, etc.)

**WHAT IT TAKES**:

- Familiarity with commonly used information security concepts, best practices, and standards
- Excellent communication skills, both written and spoken
- Experience with SIEM tools and operations (Splunk preferred)
- Good analytic, troubleshooting, and problem-solving skills
- Experience with vulnerability scanning tools
- Experience with anti-virus and endpoint security solutions
- Experience with Linux and Windows operating systems
- Bachelor’s Degree in Information Systems or Systems Engineering or equivalent experience preferred
- 5+ years in Information systems support, security engineering, or risk and governance
- Preferred_ certifications must be a combination of the following either: CISSP, CISM or GSLC and one of the following CISA, PCI QSA, ISO 27001 Lead Audit, GIAC or CRISC.