American Airlines Analyst/Sr Analyst, IT Security Monitoring in Phoenix, Arizona

Location: Regents Centre North (PHX-52N1)

Additional Locations: None

Requisition ID: 18228

Overview

Join us for a career with endless possibilities.

Looking for a job where a passion for innovation, a culture of teamwork, and opportunities for growth are valued and rewarded? You’ve come to the right place.

You don’t have to be an airline aficionado to join American Airlines. It takes more than cool planes to keep us ahead of the curve, and thanks to our team of behind the scenes professionals, we do just that. As the largest airline in the world, American Airlines is in the business of serving the global travel needs of our customers. At the core of the Company is our commitment to each customer and each employee. We are dedicated to developing and delivering what our customers value and are willing to pay for. Customer-centric planning, innovative marketing, and an exceptional customer experience are supported by a cadre of talented people.

What does it take to join us? We’re glad you asked! We expect exceptional skills in your discipline and a dedication to being the best as we relentlessly pursue our goal of being not just the largest airline in the world, but also the best airline in the world.

Fortunately, we’re building on almost a century of innovation and firsts in our industry – and we plan to continue that tradition of excellence.

About The Job

The Tier 2 Analyst is responsible for the successful completion of all procedures executed during his/her presence in the CSARC (Cyber Security Analysis & Response Center). The Tier 2 Analyst owns the documentation and measurement of all subordinate procedures as well as continuous improvements. These senior analysts will gather information for cyber security events, collate it into an accessible format and ensure its proper dissemination. Tier 2 analysts will be responsible for the Subtle Event Process long-term analysis and deep dive investigation into network activity.

Specifically, you’ll do the following:

  • Monitor Tier 1 Analyst performance investigating incoming events using available CSARC tools.

  • Serve as point of escalation for Tier 1 Analysts and ensure Tier 1 event(s) are addressed in a timely manner using available reporting and metrics.

  • Approve and, if necessary, further investigate Tier 1-escalated events.

  • Mentor and identify training needs for level 1 analysts to improve detection capability within the CSARC.

  • Manage CSARC event and information intake to include gathering intelligence reports, monitoring ticket queues, investigating reported incidents, and interacting with other security and network groups as necessary.

  • Serve as detection authority for initial incident declaration.

  • Serve as shift subject matter experts on incident detection and analysis techniques providing guidance to junior analysts and making recommendations to organizational managers.

  • Drive and monitor shift-related metrics ensuring applicable reporting is gathered and disseminated per CSARC requirements.

  • Collaborate with other CSARC teams on security research and intelligence gathering.

Qualifications

Required Qualifications

  • 5 years of Information Technology related experience.

  • 1-2 years SOC related experience.

  • Experience managing cases-incidents and enterprise SIEM systems.

  • A solid understanding of networking, cyber security concepts, vulnerability identification and cyber threat intelligence is necessary.

  • Excellent communication skills, including the ability to provide formal documentation of analysis and/or research results, to include briefings, reports, writing, training of lower tiers, and editing at a technical/professional level.

  • Aptitude in solving problems independently.

  • Sound decision-making ability.

  • Must be detail oriented, well organized, thrive in a sense-of-urgency environment, leverage best practices, and most importantly, innovate through any problem with a can-do attitude.

  • Strong analytical and time management skills.

  • Work with minimal supervision as an individual contributor and as part of the team.

  • Availability to work a flexible schedule including nights and weekends; CSARC is a 24x7x365 environment. The role is shift work and requires team members to be on time daily.

Preferred Qualifications

  • Information Security Certification such as: Security+, CISSP, CISM, CISA, CEH, GCIH, GCIA, GCFA, GREM

  • Python scripting

  • Works well both in a team environment and independently


Discrimination and all unlawful harassment (including sexual harassment) in employment is not tolerated. We encourage success based on our individual merits and abilities without regard to race, color, religion, national origin, gender, sexual orientation, gender identity, age, disability, marital status, citizenship status, military status, protected veteran status or employment status. We support and obey laws that prohibit discrimination everywhere we do business. American Airlines, Inc fully considers all qualified applicants including those with a criminal history.