Senior Security Analyst - Security Operations

Holman is a family-owned, global automotive services organization anchored by our deeply rooted core values and principles that have enabled us to continue Driving What’s Right throughout the last century. Our teams deliver the Holman Experience by treating our customers and each other as we would like to be treated, and creating positive, rewarding relationships all around.

The automotive markets Holman serves include fleet management and leasing; vehicle fabrication and upfitting; component manufacturing and productivity solutions; powertrain distribution and logistics services; commercial and personal insurance and risk management; and retail automotive sales as one of the largest privately owned dealership groups in the United States.

The Holman Enterprises Security Operations team has an opportunity for a Senior Security Engineer. This position will have primary technical focus, leading the analysis of enterprise defenses during scoped and open-ended projects. This role is responsible for establishing a roadmap for the placement and use of security tools; as well as the implementation and monitoring.

Job Description:

• Participate in the administration of security implementations (EPP/EDR, IPS/IDS, SIEM, etc.)
• Support the ongoing administration, design and use of the Security Information & Event Monitoring platform, ensuring audit trails, system logs and other monitoring data is reviewed and actionable.
• Support the ongoing administration, design and user of network segmentation tools and underlying concepts.
• Perform vulnerability assessments and reviews; facilitating remediation planning, exposure tracking, communicating risk, and reporting on mitigation status
• Lead the development of security control assessments for common platforms and the implementation of findings from said assessments
• Facilitate Incident Response activities as a Subject Matter Expert through the Incident Response life-cycle
• Provides security architecture knowledge and design concepts to Information Technology and Development teams.
• Apply or recommend adaptive security measures based on investigative findings and threat monitoring
• Participate in and coordinates application security reviews, working with third party assessors and application owners to identify and remediate findings
• Performs second level investigation into user reported threats such as phishing, machine compromise, advanced threats, etc.
• Advise management on best practices, current trends, and pertinent changes in internal/external threats and opportunities for improvement. Presents action plans for implementation and approval
• Perform threat hunting based on Tactics, Techniques and Procedures (TTPs) and threat reporting from information sharing organizations (US-CERT, FS-ISAC, etc.)
• Provide technical expertise to support vendor and project reviews.
• Performs all other duties and special projects as assigned.

Preferred Technology Experience:
• Experience with network segmentation tools like Illumio, Guardicore, Zscaler ZWS, Cisco Tetration/ACI
• Significant Experience with SIEM technologies: Elasticsearch, Winlogbeat, Logstash, LogRhythm, Sigma
• Behavioral Endpoint Protection solutions: Cylance, SentinelOne, Crowdstrike
• Vulnerability Assessment services: Nexpose/InsightVM, Nessus, Qualys
• Network Detection Tools: Bro (Zeke), Suricata, Security Onion, etc.
• Firewall Technologies: Cisco ASA, Cisco Firepower, Palo Alto
• Familiar with any of Bash, Python, PowerShell

Relevant Work Experience:

• 5-7 years of combined Information Security and Technical Administration Experience.
• Experience with infrastructure and application security controls. This includes both designing and assessing security controls.
• Experience with Microsoft Azure, AWS, GCP or other cloud platforms a plus.
• Substantial experience with common information security management frameworks, MITRE ATT&CK, OWASP, CIS, International Standards Organization (ISO) 27001 and IT Infrastructure Library (ITIL).
• Substantial and advanced experience with security information and event management (SIEM) systems
• Substantial experience with IDS/IPS and other network security platforms
• Breadth and depth of technical and or functional expertise in security operations and other related areas within information technology departments such as Infrastructure, Engineering, Networking or Development

Compensation: $125,000.00+

#LI-BS1

#LI-REMOTE

At Holman, we exist to provide rewarding careers and better lives for employees and their families. We hire, train, empower, and reward exceptional people. Our journey is guided by our desire to get it right every time and the acknowledgement that we have an opportunity to be better. To be better, we have to do better, and to do better we must know better. That’s why we are listening, open to learning new things – about ourselves and each other. We will never stop striving for improved diversity, equity, and inclusion because we are successful together when we feel trusted and supported. It’s The Holman Way.

At Holman, your total compensation goes beyond your paycheck. To position you for success and provide a rewarding career and better life for you and your family, Holman is proud to offer you the benefits you deserve; including protection against illness, disability, loss of work, or preparation for retirement. Below is a brief overview of the programs available to full-time employees (programs may vary by country or worker type):

• Health Insurance
• Vision Insurance
• Dental Insurance
• Life and Disability Insurance
• Flexible Spending and Health Savings Accounts
• Employee Assistance Program
• 401(k) plan with Company Match
• Paid Time Off (PTO)
• Paid Holidays, Bereavement, and Jury Duty
• Paid Pregnancy/Parental leave
• Paid Military Leave
• Tuition Reimbursement

Benefits:

Regular Full-Time

We offer excellent benefits including health, vision, dental, life and disability insurance, and 401(k) with company match. Our time off benefits include Paid Time Off (PTO), paid holidays, bereavement, and jury duty. In addition, we offer paid pregnancy and parental leave, and supplemental paid military leave to eligible employees.

Click here for Washington State benefit information.

Temporary or Part-Time

In geographic areas with statutory paid sick leave, part-time and temporary employees will receive a paid sick leave benefit that meets the mandated requirements.

Click here for Washington State benefit information.

Pay:

We offer competitive wages that are commensurate with job-related skills, experience, relevant education or training, and geographic location, starting in the range of $81,210.00 - $117,760.00 USD annually for full time employees. The annual compensation range is comprised of base pay earnings.

Equal Opportunity Employment and Accommodations:

Holman provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state or local laws. 

If you are a person with a disability needing assistance with the application process, please contact HR@Holman.com

This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation and training.