Your Role
As a member of the Security Technology Operations (STO) team at Zurich Insurance, the Lvl2 Security Technology Analyst will work with a global security toolkit, focusing on server log collection using Splunk, Cribl, and OpenSearch. The role involves taking the lead on incidents and service requests, supporting the product lead and service manager, and providing advanced troubleshooting and mentorship to more junior Lvl1 team members.
Key Responsibilities:
- Lead and manage incident and request handling
- Attain and maintain SLAs and KPIs, providing detailed reporting and timely escalation to management when necessary
- Configure and build new reports to support business or Cyber requests
- Manage change request creation, representation, and implementation for the technologies supported
- Ensure system/application alerts are promptly acknowledged and actioned
- Escalate complex issues to STO management and leadership as necessary
- Lead and support patching, upgrades, and configuration changes with onshore team members
- Manage high-priority incidents and requests related to logging and reporting
- Participate in major incident management calls and Cyber response calls to provide priority support for requests
- Ensure strict compliance with audit controls and evidence requirements
- Lead troubleshooting of complex log collection or reporting issues and support Lvl1 team members
- Mentor and share advanced knowledge with Lvl1 analysts
- Identify and help implement automation and optimization opportunities
Experience:
- Prior experience with and understanding of networking concepts and protocols, including TCP/IP, DNS, firewalls, etc.
- Prior experience with Splunk infrastructure or reporting, Cribl, and/or OpenSearch
- Prior experience managing Unix/Linux operating systems, especially Red Hat
- 3-5 years of experience in a security operations role
- Proven advanced troubleshooting capabilities
- Exceptional communication skills and the ability to mentor junior team members