Overview
Welcome to the Cybersecurity Incident Response & Operations team (CSIRT) at Chick-fil-A. We are a dedicated group focused on identifying and responding to cyber threats against our organization. As a Senior Lead Cybersecurity Analyst, you will apply your technical experience to help build and maintain capabilities around monitoring, detecting, and responding to cybersecurity threats, serving as a technical lead and subject matter expert on the team, and helping shape our team's efforts across the business.
Our Flexible Future model offers a healthy mix of working in person and virtually, strengthening key elements of the Chick-fil-A culture by fostering collaboration and community.
Responsibilities
Want more jobs like this?
Get Computer and IT jobs in Atlanta, GA delivered to your inbox every week.
- Triage and respond to security events and incidents from various sources, primarily coordinating with your peers through our SOAR platform.
- Partner with groups outside of Cybersecurity on triage and response efforts as needed for security events and incidents.
- Identify and propose new technologies, methodologies, and/or approaches to detecting malicious activity.
- Collaborate with peers on threat hunting and data analytics strategy and capabilities.
- Contribute to the maintenance of a SIEM solution through defect fixes, content updates, and new use-case development.
- Contribute to the maintenance of a SOAR solution through content updates and new use-case development.
- Contribute to the maintenance of anti-phishing preventative platforms through new detection and triage rule development.
- Collaborate with external security partners on detection and response to cyber threats.
- Research threat landscape and trends to adapt our capabilities to keep pace with malicious actors.
- Provide investigation findings to relevant business units to help improve cybersecurity posture.
- Identify and conduct operational intelligence analysis to identify process and capability improvement opportunities for the CSIRT team.
- Represent CSIRT team's perspective and objectives in consultant-like collaborative efforts with Cybersecurity peers and colleagues in DTT.
- Participate in threat modeling collaboration with other members of the cybersecurity team.
Minimum Qualifications
- Strong understanding of cybersecurity principles, practices, and technologies.
- Proficiency in using security tools such as SIEM (Security Information and Event Management), SOAR (Security Orchestration, Automation, and Response), and anti-phishing platforms.
- Experience in threat hunting, incident response, and forensic analysis.
- Knowledge of networking protocols, operating systems, and cloud environments.
- Familiarity with programming languages like Python, PowerShell, or scripting for automation.
- Ability to analyze security events, incidents, and trends to identify threats and vulnerabilities.
- Strong problem-solving skills to investigate and resolve complex cybersecurity issues.
- Aptitude for researching and staying updated on the latest cybersecurity threats and trends.
- Strong communication skills to articulate technical concepts to non-technical stakeholders and present findings to business units.
- Flexibility to adapt to evolving cybersecurity threats and technologies.
Preferred Qualifications
- Experience with Palo Alto Cortex XSOAR
- Experience with Splunk Enterprise Security
- Experience with Sublime Security
- Experience with DataDog
- Experience with AWS Cloud Services
- Experience detecting and responding to threats in Kubernetes environments.
- OSCP, GSEC, GCED, GCIH, CISSP, GMON
Minimum Years of Experience
5
Required Level of Education
High School
Preferred Level of Education
Bachelor's Degree