Cyber Security Operations Analyst

About GlobalFoundries:

GlobalFoundries is a leading full-service semiconductor foundry providing a unique combination of design, development, and fabrication services to some of the world’s most inspired technology companies. With a global manufacturing footprint spanning three continents, GlobalFoundries makes possible the technologies and systems that transform industries and give customers the power to shape their markets. For more information, visit www.gf.com.

Summary of Role:

The Principal Information Security Analyst has the responsibility for complex analytics involving industry trending, evaluating the security landscape globally both internal and external to the company, monitoring and reacting to advanced persistent threats, and delivering intelligence surrounding corporate security posture and conditions within Security. Principal Analyst Information Security is responsible for the overall security posture of the company performing strategic level threat assessments, primarily in a proactive sense though at time reactive.

The Principal Analyst Information Security will proactively protect the network by researching the latest security trends and provide direction to the security team to prepare/deploy mitigation strategies.

Essential Responsibilities:

• Stay abreast of new threats and continuously evaluate current processes and tool sets.
• Recommends new approaches that allow greater standardization and more effective management of information security measures.
• Maintain and develop SLAs and monthly operational reporting and metrics on the effectiveness of security tools and processes.
• Develop, maintain, and enhance related policies, documentation and procedures.
• Responsible for maintaining confidentiality, integrity, and availability of information, applications, infrastructure, and cloud environments.
• Assist in the identification, response, investigation, and remediation of security events and incidents as needed.
• Ensures adequate audit trails exist for the detection, investigation, correction, and/or disciplinary action related to information security breaches, violations, and other incidents.
• Enforce policies and follow up with risk and exception management
• Provide technical support and escalation path for resolving incidents and requests
• Work directly with third party providers, HR, Legal and others for investigations
• Support ongoing and emerging cybersecurity projects and tasks across the organization.
• Work closely with the technical teams, and collaborate with the architecture, network and data center teams
• Help design and facilitate the maturity of the cyber defense operations center
• Mentor cyber security team to develop skills and competencies
• Provide input into the evaluation, planning, configuration, and implementation of both new and existing security initiatives.
• Evaluates, tests, monitors, and maintains information systems (IS) and cyber security policies, procedures and systems I Creates, implements and oversees identity management systems to meet specific security needs and complex compliance standards
• Ensures that IS and cyber security plans, controls, processes, standards, policies and procedures are aligned with IS standards and overall IS and cyber security
• Identifies security risks and exposures, determines the causes of security violations and suggests procedures to halt future incidents and improve security
• Develops techniques and procedures for conducting IS, cyber security and access and identity risk assessments and compliance audits, the evaluation and testing of hardware, firmware and software for possible impact on system security, and the investigation and resolution of security incidents such as intrusion, frauds, attacks or leaks.

Other Responsibilities:

• Perform all activities in a safe and responsible manner and support all Environmental, Health, Safety & Security requirements, and programs.

Required Qualifications:

• Bachelor’s Degree in Information Security or related discipline.
• Minimum 5 years of related experience
• Applicant must be a U.S. citizen, lawful permanent resident of the U.S., Or a protected individual as defined by 8 U.S.C. 1324b(a) (3)
• Solid understanding of network technologies and protocols
• Experience with IPS/IDS, SIEM, Firewalls and Proxies
• Firm understanding of Security incident handling procedures
• Ability to perform forensic analysis, threat hunting and penetration testing
• Excellent communication skills
• Comfortable with directing and leading the work of others.
• Ability to prioritize, schedule and track to deadlines individual work and the work of others
• Travel - Up to 10%
• Fluency in English Language – written & verbal.

Preferred Qualifications

• Working knowledge in the Semiconductor industry
• Excellent technical documentation skills
• SANS GIAC Security Essentials (GSEC)
• CompTIA PenTest+
• Project management skills - i.e., the ability to innovate and execute on solutions that matter; the ability to navigate ambiguity.
• Strong written and verbal communication skills.
• Strong planning & organizational skills.

Expected Salary Range

The exact Salary will be determined based on qualifications, experience and location.