KLA Careers

Sr. Cybersecurity Incident Response Analyst

This job posting is no longer active

Company Overview

Calling the adventurers ready to join a company that's pushing the limits of nanotechnology to keep the digital revolution rolling. At KLA, we're making technology advancements that are bigger—and tinier—than the world has ever seen.

Who are we?  We research, develop, and manufacture the world's most advanced inspection and measurement equipment for the semiconductor and nanoelectronics industries. We enable the digital age by pushing the boundaries of technology, creating tools capable of finding defects smaller than a wavelength of visible light. We create smarter processes so that technology leaders can manufacture high-performance chips—the kind in that phone in your pocket, the tablet on your desk and nearly every electronic device you own—faster and better. We're passionate about creating solutions that drive progress and help people do what wouldn't be possible without us.  The future is calling. Will you answer?

Group/Division

The Cybersecurity group at KLA is involved in every aspect of the global business. The KLA Cybersecurity group defends against cyber-attacks and provides cybersecurity tools, incident response services and assessment capabilities to safeguard the environments that support the essential operations of KLA. We are passionate about identifying adversarial activities and anticipating a wide variety of threats to strengthen our defenses and the overall protection of KLA Intellectual Property.

 

Responsibilities

The Senior Cybersecurity Analyst is responsible for advanced incident response, threat hunting and maintaining the security tools that are used to secure our network and infrastructure. This individual will be responsible for generating and responding to tickets from our security tools and escalating when appropriate to relevant IT and Cybersecurity personnel. Qualified candidates should have exposure to network security assets (Firewalls/AV/IPS/IDS/SIEM). Strong communications skills, both written and verbal, are integral to success for this position.

 

Essential Duties and Responsibilities

• Serve as an active member of the team that monitors and processes responses to security events on a 24x7 basis.

• Plan and execute regular incident response and postmortem exercises, with a focus on creating measurable benchmarks to show progress (or deficiencies requiring additional attention).

• Review and analyze cyber threats and provide SME support and training to junior level security analysts.

• Coordinate the tuning of SIEM and other security tools to ensure high fidelity alerting.

• Communication with management as required: keeping informed of incident progress, notifying of impending changes or agreed outages.

• Perform IDS monitoring and analysis, network traffic analysis, and log analysis; prioritize and differentiate between potential intrusion attempts and false alarms.

• Compose security alert notifications.

• Advise incident responders on the steps to take to investigate and resolve computer security incidents.

• Actively perform detection, monitoring, analysis, and resolution of security incidents.

• Must be able to perform network, application, and log intrusion detection.

• Participation in security incident handling efforts in response to a detected incident.

• Must be able to maintain awareness of trends in security regulatory, technology, and operational requirements.

 

Additional Duties and Responsibilities

• Some travel (up to 25%) may be required.

• Ability to work in a team and communicate effectively.

• Track tickets as they route through other teams.

• Escalate service requests to appropriate resources.

• Generate reports from different data sources – create tickets when appropriate.

• Enter all work as service tickets into ServiceNow.

 

Qualifications

• 5+ years of related experience in cybersecurity or computer network defense.

• Solid systems security exposure and proficiency in Operating Systems (Windows and Linux).

• Relevant security related certification(s) a plus: CISSP, GCIA, GSEC, GCIH, GCED, GCFA, GREM.

• Proven subject matter expertise in relevant areas, such as incident response, intrusion analysis, incident handling, malware analysis, web security or security engineering.

• Strong working knowledge of common security tools, such as a SIEM, AV, scanners, proxies, WAF, netflow, IDS or forensics tools.

• Interpersonal skills, such as telephony skills, communication skills and active listening skills.

• Ability to multi-task, adapt to changes quickly and handle heavy ticket volumes.

• Technical awareness: ability to match resources to technical issues appropriately.

• Self-motivated with the ability to work in a fast-moving environment.

• Familiarity with various network and host-based security applications and tools, such as network and host assessment/scanning tools, network and host-based intrusion detection systems, and other security software packages.

• Knowledge of the NIST CSF, 800-171 and 800-53, CIS Top 20.

• Knowledge of confidentiality, integrity, and availability principles.

• Knowledge of network protocols such as TCP/IP, Dynamic Host Configuration, DNS and directory services.

• Knowledge of authentication, authorization, and access control methods.

• Knowledge of laws, regulations, policies, and ethics as they relate to cybersecurity and privacy.

 

Minimum Qualifications

5+ years of Cyber Security work experience with a bachelor’s degree. 

Strong working knowledge of network protocols such as TCP/IP, Dynamic Host Configuration, DNS and directory services. 

Technical awareness: ability to match resources to technical issues appropriately.

Self-motivated with the ability to work in a fast-moving environment.

Familiarity with various network and host-based security applications and tools, such as network and host assessment/scanning tools, network and host-based intrusion detection systems, and other security software packages.

Equal Employment Opportunity

KLA is an Equal Opportunity Employer. Applicants will be considered for employment without regard to age, race, color, religion, sex, sexual orientation, gender identity, national origin, protected veteran status, disability, or any other characteristics protected by applicable law.
