Sr Security Analyst

at  PAR

POSITION DESCRIPTION

Reporting to the Sr. Director of Cyber Security, the Senior Security Analyst will partner with the Cyber Security team and across PAR Information Technology and Product organizations to implement solutions to protect PAR network and infrastructure assets, intellectual property, customer, and employee data.
Position Location: US Remote - PAR is headquartered in New York. This is a work remote role. We want the best people no matter where you are. The team stays well connected and cohesive while remote.

WHAT WE’RE LOOKING FOR

If you’re someone who wants to learn, grow, build a career in a high-tech environment, and meet the below requirements, then we’re looking for you.

What you’ll do

• Assist in the implementation of technical security requirements defined by PAR’s Cyber Security Program.
• Implement security hardening standards and continuous assessment criteria for PAR’s IT and Product infrastructure stack.
• Work with IT Service Engineering and Product Engineering teams to further develop and maintain a secure architecture framework within Microsoft Azure and AWS cloud environments.
• Assist in the implementation and monitoring of build and runtime security measures for Microsoft Azure and AWS cloud environments.
• Implement or further tune existing security tooling to prevent or detect system/software vulnerabilities and common security misconfigurations.
• Assist with managing enterprise EDR Platforms as an administrator, creating detection rules, automated response workflows, conduct event and data correlation and perform incident and alert analysis.
• Conduct research on emerging vulnerabilities, threats, IOCs, IOAs, TTPs working to develop controls and build countermeasures as a response.
• Perform security reviews on PAR products and services to assess in the adoption and implementation of secure design principles. (Mobile, Web, API’s)
• Conduct comprehensive vulnerability assessments on cloud infrastructure and enterprise business systems, providing clear recommendations and guidance on remediation and providing support for implementation of mitigating actions as required.
• Partner with cross-functional technology teams to strengthen enterprise-wide detection, security orchestration, automation, and response capabilities via SIEM implementation.
• Contribute to PAR’s Cyber Security Awareness Program by building out content, conducting phishing simulation exercises and providing follow up actions to strengthen org-wide security
• Participate in Cyber Security on-call rotation as a security subject matter expert as required.

WHAT SOFT SKILLS MATTER TO US:

• Excellent time-management skills
• Critical thinking and problem-solving skills
• Working with a sense of urgency, ownership and pride in your performance and its impact on the company’s success.
• Interpersonal and communication skills

WHO WE ARE

At PAR, we believe we will win or lose, through the culture we build.

Our culture is built on 4 values.

• Speed – we are the kind of people who do not wait for the elevator
• Ownership – we want owners, not renters
• Focus – success is built from focusing on what matters most
• Winning Together – for PAR to win, we need our customers, our employees, our suppliers, our shareholders, and our community to succeed

We believe by committing to these values (and more) we can build a cultural spirit that, combined with our products, will create years of long-term success.
PAR is proud to provide equal employment opportunities to all qualified applicants for employment without regard to race, color, religion, sex (including pregnancy), sexual orientation, gender identity, national origin, ethnicity, age, disability, citizenship, genetic information, status as a protected veteran, marital status, or any other protected characteristic under applicable laws.
PAR is proud to provide equal employment opportunities (EEO) to all employees and applicants for employment without regard to race, color, religion, sex, national origin, age, disability or genetics. We also provide reasonable accommodations to individuals with disabilities in accordance with applicable laws. If you’d like more information about your EEO rights as an applicant, please visit the US Department of Labor’s website

EXPERIENCE YOU NEED TO PERFORM THIS ROLE:

• 4+ years of experience as a security analyst or engineer working on a team responsible for maintaining a hotseat or security operations rotation such as a SOC or NOC.
• Bachelor’s degree in computer science, Information Systems or related field or equivalent work experience.
• Strong experience with security tools and services within AWS and Azure cloud.
• Deep expertise in Cloud Computing, Windows, Linux security.
• Experience with deploying or supporting an enterprise EDR/XDR platform, conducting log correlation, or building proactive threat detection and response dashboards via advanced threat analytics.
• Strong knowledge of networking and internet protocols (TCP/IP, DNS, SMTP, HTTP etc.)
• Strong knowledge of secure authentication protocols (OAuth, SAML 2.0)
• Knowledge of cryptographic key management best practices.
• Scripting & Programming experience required (Python, bash, Java, PowerShell)
• Experience with supporting security incident response and
• Experience with assessing or implementing controls to comply with security and compliance frameworks and standards such as SOC2, ISO27001, PCI DSS, NIST CSF

What you’ll do

• Assist in the implementation of technical security requirements defined by PAR’s Cyber Security Program.
• Implement security hardening standards and continuous assessment criteria for PAR’s IT and Product infrastructure stack.
• Work with IT Service Engineering and Product Engineering teams to further develop and maintain a secure architecture framework within Microsoft Azure and AWS cloud environments.
• Assist in the implementation and monitoring of build and runtime security measures for Microsoft Azure and AWS cloud environments.
• Implement or further tune existing security tooling to prevent or detect system/software vulnerabilities and common security misconfigurations.
• Assist with managing enterprise EDR Platforms as an administrator, creating detection rules, automated response workflows, conduct event and data correlation and perform incident and alert analysis.
• Conduct research on emerging vulnerabilities, threats, IOCs, IOAs, TTPs working to develop controls and build countermeasures as a response.
• Perform security reviews on PAR products and services to assess in the adoption and implementation of secure design principles. (Mobile, Web, API’s)
• Conduct comprehensive vulnerability assessments on cloud infrastructure and enterprise business systems, providing clear recommendations and guidance on remediation and providing support for implementation of mitigating actions as required.
• Partner with cross-functional technology teams to strengthen enterprise-wide detection, security orchestration, automation, and response capabilities via SIEM implementation.
• Contribute to PAR’s Cyber Security Awareness Program by building out content, conducting phishing simulation exercises and providing follow up actions to strengthen org-wide security
• Participate in Cyber Security on-call rotation as a security subject matter expert as required