IT Security Operations Analyst II
Microchip Technology
Are you looking for a unique opportunity to be a part of something great? Want to join a 20,000-member team that works on the technology that powers the world around us? Looking for an atmosphere of trust, empowerment, respect, diversity, and communication? How about an opportunity to own a piece of a multi-billion dollar (with a B!) global organization? We offer all that and more at Microchip Technology, Inc.
People come to work at Microchip because we help design the technology that runs the world. They stay because our culture supports their growth and stability. They are challenged and driven by an incredible array of products and solutions with unlimited career potential. Microchip’s nationally-recognized Leadership Passage Programs support career growth where we proudly enroll over a thousand people annually. We take pride in our commitment to employee development, values-based decision making, and strong sense of community, driven by our Vision, Mission, and 11 Guiding Values; we affectionately refer to it as the Aggregate System and it’s won us countless awards for diversity and workplace excellence.
Our company is built by dedicated team players who love to challenge the status quo; we did not achieve record revenue and over 30 years of quarterly profitability without a great team dedicated to empowering innovation. People like you.
Visit our careers page to see what exciting opportunities and company perks await!
Job Description:
The IT Security Operations/Cyber Security Analyst II at Microchip Technology Inc is responsible for protecting the company's information systems and networks from cyber threats. Key duties include proactive threat hunting, monitoring, detecting, analyzing, and responding to security incidents, managing multi-vendor security tools, and implementing preventive measures. The role also involves developing security strategies to enhance the company's security posture and requires close collaboration with IT teams, management, and other stakeholders to maintain a robust and compliant cybersecurity framework.
Key Responsibilities:
Utilize the latest threat intelligence to detect emerging threats.
Enhance team efficiency by identifying tuning opportunities, creating automation playbooks, and optimizing technology use.
Review and provide technical advice on tuning recommendations to improve security posture.
Serve as an escalation point for process and technical advice.
Conduct quality audits on incident tickets to ensure compliance with processes.
Conduct detailed investigations of security alerts, including those escalated by Level 1 SOC Analysts.
Analyze technical details to determine whether an anomaly is a potential security threat.
Manage incidents and response processes, ensuring timely and accurate resolution.
Perform advanced analysis of incidents, evaluating their sophistication and potential impact.
Provide technical guidance to Level 1 Analysts to help resolve complex incidents.
Ensure the quality of reports and maintain high standards of accuracy in incident management.
Lead teams or sub-teams as needed.
Provide on-call support for high-priority or high-severity incidents.
Ensure balanced capacity and workforce for 24/7 SOC service delivery.
Assist in generating raw data for KPIs, submit calculations, record results, and recommend quality performance measures.
Deliver training to enhance the skills of new and existing team members.
Contribute to SOC playbooks and knowledgebase with findings from investigations to inform future responses.
Requirements/Qualifications:
Qualifications and Experience:
- Bachelor’s degree in Computer Science, Information Assurance, Information Security Systems, or a related field.
- Minimum of 3 years of experience in a Cyber Security role.
- Highly desirable certifications: CompTIA SEC+, CYSA+, or similar credentials.
- Relevant system and network certifications (e.g., A+, Network+, CCNA).
Technical Skills:
- Understanding of network and endpoint security solutions, including firewalls, proxies, antivirus, and IDS/IPS concepts.
- Proficient in networking protocols/technologies (e.g., TCP, IP, HTTP/HTTPS).
- Experience with SIEM, UEBA, and EDR as a Level 2 security analyst.
- Proficiency in OSINT techniques and tools (e.g., Maltego, Shodan, SpiderFoot) for threat hunting.
- Advanced knowledge of Unix, Linux, and Windows operating systems.
- Experience with attack and penetration testing methodologies and vulnerability assessment tools (e.g., Metasploit, Burp Suite, Nmap, Nessus, Qualys).
- Ability to build scripts, tools, or methodologies to enhance incident investigation and processes (e.g., Python, PowerShell, Wireshark).
- Knowledgeable with Web application security
- Possesses a strong understanding of AI applications in threat detection and response, with experience in leveraging AI and machine learning algorithms to enhance security measures and automate threat analysis. Emphasizes the importance of understanding fundamental principles and not relying solely on AI.
Investigation and Analysis Skills:
- Advanced investigation techniques, including:
- Network forensic acquisition and analysis (e.g., Wireshark, PacketTracer, Open Source Tools).
- Endpoint forensic acquisition and analysis (e.g., EnCase, X-Ways, Axiom, IEF, FTK).
- Memory analysis.
- Analysis of various security logs (e.g., endpoint, security appliances, SIEM, Windows event, syslog).
- Reverse malware engineering.
- Email header analysis.
- Vulnerability report analysis and remediation.
Communication and Leadership:
- Strong verbal and written communication skills, with the ability to write structured reports.
- Comfortable leading investigations and communicating with stakeholders and colleagues on both technical and non-technical levels.
- Strong sense of personal responsibility for learning and self-development.
Travel Time:
0% - 25%