Security Analyst

The Security Analyst will be responsible for monitoring our security infrastructure, identifying and responding to security threats, managing vulnerabilities, and contributing to the continuous improvement of our overall security posture. This role is crucial in safeguarding our organization's systems, data, and reputation against an ever-evolving landscape of cyber threats.

• Security Monitoring & Alerting: Monitor security alerts and events from various sources, including SIEM, IDS/IPS, EDR, firewalls, and other security tools; triage and investigate alerts to determine their severity, scope, and potential impact.
• Incident Detection & Response: Act as a first responder for security incidents, following established incident response plans; conduct initial analysis, containment, eradication, and recovery activities; document incident details, actions taken, and lessons learned; escalate complex incidents to senior analysts or incident response teams as appropriate.
• Vulnerability Management: Perform regular vulnerability scans and assessments of our IT infrastructure, applications, and networks; analyse scan results, prioritize vulnerabilities, and track remediation efforts with relevant teams; assist in the development and implementation of patching and remediation strategies.
• Security Tool Administration & Maintenance: Assist in the configuration, maintenance, and optimization of security tools and technologies; ensure security tools are functioning correctly and generating accurate data.
• Log Analysis & Threat Hunting: Collect, analyze, and correlate log data from various systems to identify suspicious activity or potential threats; proactively hunt for threats and indicators of compromise (IOCs) within the environment.
• Threat Intelligence: Stay informed about the latest cybersecurity threats, vulnerabilities, attack vectors, and mitigation techniques; gather and analyze threat intelligence from various sources to enhance detection capabilities.
• Reporting & Documentation: Prepare regular reports on security incidents, vulnerability status, and overall security posture; maintain accurate and detailed documentation of security procedures, configurations, and incident response activities.
• Collaboration & Support: Collaborate with IT teams, developers, and other business units to implement security best practices and address security concerns; provide security-related support and guidance to end-users and internal teams; assist with internal and external security audits and compliance activities (e.g., GDPR, ISO

• Bachelor's degree in computer science or related field
• 2+ years of hands-on experience with the design, implementation, and operation of enterprise vulnerability management
• 2+ years' experience supporting diverse IT systems, processes, or capabilities in large organizations
• 2+ years of solid understanding of industry best practices for hands-on, security vulnerability remediation
• 2+ years with SCCM, WSUS (or other, similar tools) running in an enterprise environment
• 2+ years in scripting of packaged installation of patches, software, and configuration changes, including the knowledge and ability to write PowerShell scripts needed to automate patch management processes
• Extensive experience with core vulnerability management scanners (e.g., Qualys, Tenable)
• Strong knowledge of OWASP Top 10 and the ability to articulate application security risks and determine threat level
• Technical understanding of a range of enterprise IT and cloud-based architectures and technologies such as networking, server infrastructure, operating systems, web applications, databases, containerization, mobile
• Preferred certifications: Net+, Security+, OSCP, CEH, CISSP, GIAC (GSEC, GEVA, GPEN, etc.)

Verifone is committed to creating a diverse environment and is proud to be an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability, age, or veteran status. Verifone is also committed to compliance with all fair employment practices regarding citizenship and immigration status.

For questions about our privacy practices, please email