About Procare
Our mission is to simplify childcare operations and create meaningful connections by providing technology, expertise, and unparalleled service.
Procare Solutions is the #1 name in childcare software – used by more than 35,000 childcare businesses across the country. For over 30 years, childcare professionals have looked to Procare to provide real-time information for making critical decisions, maintaining compliance with local and state regulations, and adhering to business best practices.
We make childcare management run smoothly, so that our customers can spend more time focusing on the kiddos, not back office administrative duties.
A Little About the Role
The SecOps (Security Operations) Cybersecurity Analyst will report to the Director of Security and Compliance as part of the corporate cybersecurity team. This role is a matrixed position that will be aligned with the other business groups including Technology Infrastructure and Cloud teams on prioritization and implementation of Cybersecurity initiatives across the Procare organization and environments.
The SecOps Cybersecurity Analyst is responsible for monitoring, detecting, and responding to security threats and incidents within our organization, and for maintaining the organization’s security strategies to respond to and protect against security breaches and vulnerabilities. This role will identify shortcomings in documented security standards, recommend industry best practices, and support project leads during deployment of security enhancements and automation improvements.
The SecOps Cybersecurity Analyst will verify adherence to corporate, network and cloud security controls and support implementing strategies to ensure that Procare’s applications and platform are compliant with security standards such as PCI-DSS, PCI SAQ-D, SOC2 Type II, FERPA, and NIST CSF. Additionally, this position will participate in a bimonthly on-call rotation for security incidents.
The successful candidate will bring a strong passion for cybersecurity and teamwork, and will use prior experience, insights, and knowledge to contribute to Procare’s cybersecurity objectives and directives.
What You Will Do
- Perform hands-on operational support of threat identification, monitoring of vulnerabilities and risks to Procare’s environments and applications
- Utilize log ingestion platform(s) for security analytics & identification of tactics, techniques and patterns of attacks
- Monitor the threat landscape and advise on emerging security threats, attack vectors and methodology, and risk to the organization
- Install, configure, and maintain security tools and technologies, such as security information and event management (SIEM) systems
- Manage the Cybersecurity Incident Response (CISRT) process, tickets, reports and root cause analysis (RCA)
  - Investigate and respond to security incidents, analyzing the root cause, mitigating the impact, and coordinating the implementation of corrective measures
  - Maintain accurate and detailed incident reports, security assessments, and other documentation related to security activities
  - Work with other groups and teams to ensure effective security measures and incident response
- Monitor deployed system agents, verifying adherence to corporate policies
- Monitor patching of workstations, servers and infrastructure hardware and systems
- Monitor multiple environments including corporate, production, testing and development for new threats and risks
- Continuously monitor network traffic, system logs, and security alerts for suspicious activities or anomalies that may indicate a security incident
- Manage corporate secure email gateway solution
- Manage secure email certificates
- Participate in deployment of proactive security monitoring and alerting capabilities
- Communicate insight into strategic security initiatives to improve capabilities through automation, process enhancement, and analyst
- Identify improvement opportunities and provide recommendations for best practice process improvements and process automation
- Validate security standards and benchmarks for hardware and operating systems
- Update monthly security metrics for distribution to the leadership team
- Work with internal and external auditors during security audits and assessments to ensure compliance
- Provide operational support, ensuring systems and devices are online and available, which may include 24x7 on-call support rotation or as needed
Our Ideal Candidate Will Have
- BA/BS degree or higher and 8+ years of experience in cybersecurity, or a combination of education and relevant experience
- 5+ years’ experience working in an incident response/cybersecurity operations center (in-house or outsourced), creating, escalating, and managing security incidents and creating incident reports
- 3+ years of working with security tools such as SIEM, Analytics & Intelligence, Malware detection, Data Loss Protection & Identity & Access Management
- Deep expertise in threat intelligence, incident response, SIEM, EDR/MDR, SOAR, Vulnerability Management
- Currently hold one or more security certifications (CISSP, CISA, CRISC, CEH, SCS-C02, CSA, SSCP, CSOP)
- Solid understanding of system & security controls on at least two OSs (Windows, Linux/Unix, and macOS (Advantage)), including host-based forensics and experience with analyzing OS artifacts
- Strong understanding of network security concepts, security protocols, and cybersecurity best practices
- Experience with security tools and technologies, such as firewalls, intrusion detection / prevention systems, and SIEM systems
- Experience with creation of management dashboards for leadership team
- Ability to analyze security logs, network traffic, and other data sources to identify security threats
- Strong problem-solving and analytical skills
- Hands-on experience with cloud services, Kubernetes and Docker, and the major cloud providers (AWS, Azure, GCP)
- Knowledge of implementation of the AWS architected framework with an emphasis on the security pillar
- Strong verbal and written communication skills; ability to drive discussions and influence decision making; strong presentation and reporting skills
- Participation in more than one full SOC2 and/or PCI-DSS audit cycle (Advantage)
- Experience in Agile development methodologies using JIRA
- Prior experience with security tools such as Qualys, Rapid7, Splunk, CrowdStrike Falcon, Nessus, Kali
- Understanding of cryptographic algorithms utilized by public blockchain networks & other cryptography-related topics (Advantage)
- Excellent communication and interpersonal skills
- Ability to excel in a rapidly changing environment
- Ability to multitask high priority projects
- Ability to work independently and as part of a team
Why Procare?
- Excellent comprehensive benefits packages including: medical, dental, & vision plans
- HSA option with employer contributions
- Vacation time, holidays, sick days, volunteer & personal days
- 401K Plan with employer match and immediate vesting
- Employee Stock Purchase Plan
- Employee Discount Program
- Medical, Dependent Care, and Transportation FSA Plans
- Company paid Short and Long-Term disability and Life Insurance
- RTD EcoPass for all Denver employees
- Tuition Reimbursement and continued Professional Development
- Fast paced, high energy workplace environment in prime downtown location
- Regular company provided meals
Salary
$80,000-$120,000/year DOE
Location
While our preference is a candidate located in Denver, CO, this role is open to remote candidates in the following states: AL, AZ, CA, CO, CT, FL, GA, ID, IL, IN, IA, KY, ME, MD, MA, MI, MN, MO, NV, NJ, NY, NC, OH, OR, PA, TN, TX, VA, WA, WI.