Principal Security Operations Analyst

About Us

Diligent is the AI leader in governance risk and compliance (GRC) SaaS solutions helping more than 1 million users and 700000 board members to clarify risk and elevate governance. The Diligent One Platform gives practitioners the C-Suite and the board a consolidated view of their entire GRC practice so they can more effectively manage risk build greater resilience and make better decisions faster.

Learn more or follow us onLinkedInandFacebook

Position Overview:

The Principal Security Operations Analyst plays a pivotal role in Diligents high-impact Security Operations team dedicated to protecting our people sites and assets across the globe.

Our mission is clear to safeguard the confidentiality integrity and availability of customer employee and business information. As part of Diligents first line of defense Security Operations stands at the forefront preventing detecting and responding to cyber threats that challenge our systems and data every day.

In this role youll be a driving force behind the evolution of Diligents threat detection and response capabilities. Youll lead complex investigations shape our incident response strategy and drive proactive initiatives like threat hunting behavioral analytics and continuous monitoring across our global technology landscape. This is your opportunity to make a measurable impact strengthening Diligents security posture and helping us stay one step ahead of the threat landscape.

Key Responsibilities

• Independently drive end-to-end investigation and incident response for complex incidents (including collaboration documentation collaboration and driving next steps and lessons learned).
• Oversee and advise investigation and incident response led by other team members.
• Lead engagement with Managed Detection and Response providers to monitor for and investigate security alerts for threats to the confidentiality and integrity of key systems and data.
• Utilize threat intelligence sources to enhance detection capabilities and conduct proactive threat hunting.
• Lead initiatives to evaluate current and prospective security tools to enhance the Diligents overall security readiness.
• Collaborate effectively with cross-functional teams and stakeholders across the globe.
• Lead complex enterprise-wide initiatives to design and implement security measures to enhance Diligents security posture.
• Set technical direction for the team and serve as our highest point of technical escalation.
• Mentor staff lead team and cross-functional interviews andprovide meaningful feedback.
• Contribute directly to establishing and implementing strategy for the threat detection and response programs.
• Consistently influence guidelines and operating practices of the team.

Required Experience/Skills

• 12 years of information security experience or the equivalent combination of education technical training or work experience.
• 5 years leading complex security investigations and commanding security incidents especially as part of a dedicated Incident Response team.
• Strong interpersonal skills with the ability to easily and effectively interact with and support both technical and non-technical staff at all levels in both written and verbal forms.
• Strong decision-making capabilities with a proven ability to weigh the relative costs and benefits of potential actions and identify the most appropriate one.
• Thrives in complex situations requiring one to react quickly decisively and deliberately.
• Significant expertise in key security operations and cloud security technologies including EDR SIEM CNAPP and vulnerability scanners.
• Mastery in log analysis and threat hunting.
• Track record of designing and leading complex cross-functional initiatives andhelping others work on the components thereof.
• Writing scripts to automate processes or gather data using tools such as PowerShell Bash Python SQL etc.
• Working with regulatory compliance and information security management frameworks (e.g. ISO 27000 COBIT NIST 800-53 MITRE ATT&CK etc.).
• Demonstrated expertise in the following areas:
• Threat activity including actors motivations TTPs intelligence sources etc.
• Networking concepts and protocols such as TCP/IP DNS VPN firewalls IDS/IPS etc.
• Identification authentication and authorization concepts and protocols such as Active Directory IDPs OIDC OAuth RBAC SAML MFA etc.
• Public cloud resources and concepts such as virtual machines containers images serverless functions roles policies APIs etc.
• Prior experience with the following:
  • Working in an application security cloud security or security operations center role.
  • Building tuning and maintaining detections for a SIEM or alerting system.
  • Writing technical runbooks for alert investigation and incident response.

Preferred Experience/Skills

• Prior experience handling security incidents involving public cloud resources (especially AWS) and custom-developed software solutions or products.
• Advanced security certification focusing on incident response or cloud security such as GCFA GCFR GCIH GEIR CCSP AWS Certified Security Specialty etc.

What Diligent Offers You

• Creativity is ingrained in our culture. We are innovative collaborators by nature. We thrive in exploring how things can be differently both in our internal processes and to help our clients
• We care about our people.Diligent offers a flexible work environment global days of service comprehensive health benefits meeting free days generous time off policy and wellness programsto name a few
• We have teams all over the world. We may be headquartered in New York City but we have office hubs in Washington D.C. Vancouver London Galway Budapest Munich Bengaluru Singapore and Sydney.
• Diversity is important to us. Growing maintaining and promoting a diverse team is a top priority for us. We foster and encourage diversity through our Employee Resource Groups and provide access to resources and education to support the education of our team facilitate dialogue and foster understanding.

Diligent created the modern governance movement. Our world-changing idea is to empower leaders with the technology insights and connections they need to drive greater impact and accountability to lead with purpose. Our employees are passionate smart and creative people who not only want to help build the software company of the future but who want to make the world a more sustainable equitable and better place.

Headquartered in New York Diligent has offices in Washington D.C. London Galway Budapest Vancouver Bengaluru Munich Singapore and Sydney. To foster strong collaboration and connection this role will follow a hybrid work model. If you are within a commuting distance to one of our Diligent office locations you will be expected towork onsite at least 50% of the time.We believe that in-person engagement helps drive innovation teamwork and a strong sense of community.

_{We are a drug free workplace. Diligent is proud to be an equal opportunity employer. We do not discriminate based on race color religious creed sex national origin ancestry citizenship status pregnancy childbirth physical disability mental disability age military status protected veteran status marital status registered domestic partner or civil union status gender (including sex stereotyping and gender identity or expression) medical condition (including but not limited to cancer related or HIV/AIDS related) genetic information or sexual orientation in accordance with applicable federal state and local also consider qualified applicants regardless of criminal histories consistent with legal requirements. See alsoDiligents EEO Policy and Know Your are committed to providing reasonable accommodations for qualified individuals with disabilities and disabled veterans in our job application procedures. If you need assistance or an accommodation due to a disability you may contact us at .}

_{To all recruitment agencies: Diligent does not accept unsolicited agency resumes. Please do not forward resumes to our jobs alias Diligent employees or any other organization location. Diligent is not responsible for any fees related to unsolicited resumes.}