|Location||San Francisco, Boston, New York, Washington DC, Austin, Chicago|
|Preferred GIAC Certifications||GSEC, GCED|
Founded in 1993, DivcoWest is a multi-disciplinary real estate investment firm headquartered in San Francisco, with offices in Los Angeles, Menlo Park, Boston, Washington DC, Austin, and New York City. Known for our long-standing relationships and track record of success in innovation markets, DivcoWest combines entrepreneurial spirit with an institutional approach. As of Q3 2022, DivcoWest has over $18 billion in assets under management and has acquired or developed nearly 60 million square feet of commercial real estate primarily across the United States.
DivcoWest aims to create environments that inspire ingenuity, promote growth, and enhance the health, happiness, and well-being of all people. A disciplined code of ethics is at the core of all that we do. We believe that the collective energy of a diverse team is what drives our creative ideas and solutions.
Security analysts are ultimately responsible for ensuring the company's digital assets are protected from unauthorized access. This includes securing both online and on-premises infrastructures, weeding through metrics and data to filter out suspicious activity, and finding and mitigating risks before breaches occur.
This position involves understanding and taking steps to mitigate the risks associated with collecting, storing, and transmitting data in a business setting. You will be expected to set up, evaluate, and maintain security measures and technologies that help prevent security breaches, as well as analyze any breaches that occur.
This individual may work from our Boston, San Francisco, New York, Washington DC, Austin, or Chicago offices.
The Security Analyst position’s responsibilities may be changed, altered, or increased by the Company at any time.
Interested candidates should send their resumes to Aida Moradi: AMoradi@divcowest.com.
· Monitor the SIEM for suspicious events and anomalous activity
· Monitor, triage, and respond to security support requests and tickets reported by users which will involve technical analysis to determine the type, category, and impact of potential security events
· Assists in the improvement of current information security processes and procedures
· Validate suspicious events and incidents identified by the company’s MSSP SOC and security intelligence services
· Assists in hardening and securing company systems
· Document and manage incident cases in the company’s ITSM platform
· Identify and report any gaps in log collection, security agent disruptions, or other reporting as soon as possible to the technology infrastructure team
· Report all operational issues or problems to senior security personnel
· Assists in cyber incident response
· Provide weekly security status and project reports
· Assists in vulnerability management and penetration testing
· Assists in periodic Phishing campaigns and user awareness training, including tabletop exercises
· Review and monitor inventory of technology hardware and software assets and assess them for security vulnerabilities and other risks
· Research security enhancements in our security technologies and make recommendations to Information Security management
· Become functional with third-party threat intelligence tools as required
· Maintain security knowledge through certifications and educational training
· Responsibilities sometimes require working evenings and weekends, sometimes with little advanced notice
· 5+ years of experience in Information Security and/or Technology Risk Management fields
· Bachelor’s Degree in Computer Science, Cybersecurity, or related Technology field
· At least one security or technology-related certification (Security+, SANS GIAC, CCNA/CCNP, Microsoft) required
· Working experience with Windows security, cloud computing, firewalls, SIEM, antivirus, and IDS/IPS concepts
· Experience with Windows endpoint system configuration, operating system upgrades, hardware & software support
· Experience with Microsoft Network Administration: Active Directory, GPO administration, IIS, DNS, and Windows Server PowerShell Scripting
· Demonstrated project management experience working with cross-functional groups
· Impeccable time management and multi-tasking skills
· Outstanding written and verbal communication skills with experience translating complex information and requirements into clear and actionable tasks
· Excellent organizational skills and strong attention to detail
· Works well under pressure and adapts to changing circumstances
· Fast learner who proactively works with minimal direction
· Solution-oriented and have a collaborative approach to overcoming barriers
· Strong sense of integrity and ability to deal with issues and subject matter that requires considerable sensitivity, discretion, and judgment
· Continually seeks and learns from feedback
Additional Preferred Skills:
· Cisco networking administration: Cisco ISE, FirePower, DNA, SD-WAN, wireless, Umbrella
· OKTA SSO administration and configuration
· Remote access solutions: VPN, Remote Desktop, VDI
· Rapid7 IDR experience
· KnowBe4 Administration
· Defender for Endpoint, Defender for Cloud
· Linux experience
Must be able to remain in a stationary position for 50% of the time. The person in this position needs to occasionally move about inside the office to access file cabinets, office machinery, etc.
· Annual bonus opportunity
· Full benefits