Senior Cyber Security Analyst

A leading global electronic manufacturing firm

ESSENTIAL FUNCTIONS:  Actively engage with Cyber Engineering to develop and implement new security systems while continuing to make major improvements allowing for real-time monitoring and analysis of security alerts.
 Provides fast and effective second and third tier support for advanced or complex potential security incidents reported by customers and identified by monitoring tools.
 Monitors and analyzes network traffic for anomaly reporting and identification of suspicions activity
 Invests a significant amount of time to remain technically current with the latest security techniques and trends in the industry that translate to operational action items.
 Develops test plans to ensure security compliance and conduct feasibility studies to examine software requirements, administration costs, information flow, and makes computer security solutions recommendations to management.
 Leads and coordinates security initiatives across security teams to complete internal investigations and legal discoveries.
 Make recommendations for changes to the environment that can help in the removal of vulnerabilities and reduction in the risk of exploitation that may result in potential incidents.
 Provides reliable and innovative solutions to a variety of complex problems using highly sophisticated problem-solving techniques including performing root cause analysis and recommendations for corrective and preventative actions
.  Acts as a security advocate for the entire IT Security organization to promote participation and adherence to security policies and procedures.
 Evaluates threat landscape and makes recommendations to management regarding technological advances that improve computing system security, reduce flow time, and enhance operational surety.
 Manages ticket management systems to track customer issues and requests and provide KPI metric reporting based on actuals and trends to assure SLAs are maintained and provides solutions to improve operating efficiencies.
 Provides significant contributions to defining SOC team roadmaps and priorities.
 Participates as security SME with cross-organizational incident management teams to support major troubleshooting efforts for global outages and security incidents.
 Recognized as an expert in assigned discipline at Garmin and applies extensive technical expertise and analysis for cyber security initiatives.
 Provides innovation within areas of expertise and contributes input to broader technology solutions outside of discipline.
 Works with senior team members to develop reliable solutions to complex problems using ingenuity and creativity.
 Avoids potential security threats and driving counter measure developments for IT managed systems.
 Ensures that all processes and procedures are followed and identified security requirements are met or exceeded.
 Demonstrates broad understanding of Garmin's business model, including Engineering, Operations, Finance, Sales and Marketing.

 Mentors junior level team members of the SOC, IT Operations, and Service Desk on security related initiatives.  Applies Garmin’s Mission Statement and Quality Policy and exhibits enthusiasm for and a desire to see Garmin succeed

OTHER RESPONSIBILITIES:  Perform other duties as necessary

EDUCATION EXPERIENCE AND SKILLS REQUIRED:
 Bachelor of Science Degree in Computer Science, Information Technology, Management Information Systems, Business or another relevant field AND a minimum of 5 years’ relevant experience OR a Master of Science Degree in one of the fields noted above AND a minimum of 3 years’ relevant experience OR equivalent combination of education and experience.
 Outstanding academics with the demonstrated ability to apply learned knowledge.
 Demonstrated mastery of troubleshooting advanced technical issues and use of infrastructure research tools.
 Proven ability to research, teach and develop team members and implement new technologies effectively.
 Demonstrated ability to exercise strong and effective verbal, written, and interpersonal communication skills in an organizational setting.  Must be team-oriented, possess a positive attitude and work well with others.
 Demonstrated ability to work and lead in a team environment.
 Lead in design and/or deployment, and maintenance of new and existing security infrastructure capabilities.
 Demonstrated ability to maintain technically current through outside research, study, and self training.
 Expert security related experience, in areas such as: security operations, incident analysis, incident handling, and vulnerability management or testing, system patching, log analysis, intrusion detection, or firewall administration.
 Lead design/deployment/maintenance of new and existing security infrastructure capabilities.
 Must be detail-oriented and have the ability to work proactively and effectively without supervision.  Familiarity with MITRE ATT&CK Framework and Cyber Kill Chain methodology.
 Possess expert analytical skills and strong ability to maintain composure and remain diplomatic under highly stressful situations and make security decisions impactful to the business.
 Strong multitasking skills to be able to effectively manage multiple activities, including global initiatives and dependent activities simultaneously.  Demonstrated effective verbal, written, and interpersonal communication skills.
 Consistently demonstrates quality and effectiveness in work documentation and organization.

DESIRABLE QUALIFICATIONS:  Information security related experience, in areas such as: security operations, incident analysis, incident handling, and vulnerability management or testing, system patching, log analysis, intrusion detection, or firewall administration  Working experience and knowledge of security related technologies such as intrusion prevention and detection systems, web proxies, SIEM, firewalls, SOAR, EDR, web application scanner, vulnerability scanners and forensics tools  Ability to work in a fast paced, dynamic environment  CISSP certification  Other security certifications (GCIH, GCED, CISSP)  Experience with NIST 800-53 and/or NIST Cyber Security Framework (CSF)

 Experience with cyber security policies and implementation of Risk Management Framework (RMF) and compliance reporting  Experience with administrating/development of Security Orchestration, Automation, and Response (SOAR) and Security information and event management (SIEM) Platforms  Experience with administrating/development of log management platforms (Splunk, Elastic search/Logstash/Kibana - ELK / Elastic Stack)  System administration experience: Windows and Linux/Unix Scripting OR development experience (Python, Javascript, Powershell, C#, Perl)