CyberArk Monitoring Analyst

CyberArk Monitoring Analyst Apex Systems is a world class technology services business that incorporates industry insights and experience to deliver solutions that fulfill our clients’ digital visions. Apex has an opportunity for a CyberArk Monitoring Analyst. Here are the details: Position: CyberArk Monitoring Analyst Location: Remote Duration: 6+ Months Position Description: The CyberArk Monitoring Analyst role is part of the Santander US Cybersecurity Fusion Center first line of defense in protecting Santander information systems from internal and external threats reporting to the Director, Cybersecurity Fusion Center. Individuals in this role will work closely with the Cybersecurity Security Monitoring and Incident Response teams and Security Technology Admins to fulfill and develop a comprehensive monitoring and investigations capability. The position will be responsible for monitoring security tools to support security event handling, supporting operational efforts around automating detective controls (sources: Intel, Response, Hunt Research) and ensuring real-time detection and monitoring capability enhancements to respond to evolving threats. Candidates will be required to communicate pertinent information throughout the information security teams. Ideal candidates should have demonstrable experience in industry standard operating systems as well as knowing networking and Cyber-attack methods. Must display enthusiasm and interest in Information Security. Overview:

• Monitor for and detect CyberArk security events from SIEM, Log collection Engines and other security technologies, such as Splunk
• Perform investigations using various Monitoring Security technologies (i.e. CyberArk, Splunk)
• Review alerts escalated by end users
• Perform initial triage of incoming issues (initially assessing the priority of the event, initial determination of event to determine risk and damage or appropriate routing of security or privacy data request)
• Monitoring of health alerts and downstream dependencies
• Provide limited response to end users for low complexity security events
• Review and take a proactive approach to false positive and work with the various Security teams to tune and provide feedback to improve accuracy of the alerts.
• Document, investigate and Notifying appropriate contact for security events and response
• Takes an active part in the resolution of events, even after they are escalated

Technical Skills:

• Ability to demonstrate understanding of Privilege Access Management tools, processes and procedures
• Ability to demonstrate understanding of Security investigations process and procedures
• Ability to demonstrate understanding of Security investigations process and procedures
• Ability to demonstrate technical experience working with enterprise security technologies like SIEM, CyberArk
• Demonstrate ability to work with an Incident Management Tool (RSA Archer, ServiceNow).
• Demonstrate excellent communication and organizational skills.
• Demonstrate experience in windows/Unix scripting languages such as bash, python, regex, power Shell etc.

Core Requirements:

• 0-2 years of experience in this particular role
• Helpdesk or SOC experience
• Knowledge of security concepts,
• Knowledge of networking and/or Windows OS
• English fluency/high proficiency

Additional Notes from Manager:

• Applicants with system admin experience in Windows and Linux, in addition to some experience working with databases, could be sufficient criteria to fill this role. We can train the CyberArk piece if they have that experience.