DescriptionAbout Us:EMCOR Group, Inc. (NYSE: EME) is a Fortune 500 company and a leader in mechanical and electrical construction, industrial and energy infrastructure, and building services.A provider of critical infrastructure systems. EMCOR gives life to new structures and sustains life in existing ones by it planning, installing, operating, maintaining, and protecting the sophisticated and dynamic systems that create facility environments. This includes electrical, mechanical, lighting, air conditioning, heating, security, fire protection, and power generation systemsin virtually every sector of the economy and for a diverse range of businesses, organizations and government. EMCOR represents a rare combination of broad reach with local execution, combining the strength of an industry leader with the knowledge and care of 170 locations.Job Title: Security Analyst - Azure SentinelJob Summary: Responsible for supporting the maintenance of EMCOR’s Security Program, protecting EMCOR’s information assets and technologies. This includes enhancing the information security management framework, supporting the vendor risk management process, and monitoring external threats. The Security Analyst – Azure Sentinel’s primary role surrounds the configuration, management and maintenance of EMCOR’s Azure Sentinel Service and related data sets.Essential Duties and Responsibilities:
Monitor the external threat environment for emerging threats and advise relevant stakeholders on the appropriate courses of action.
Monitor and evaluate logs from internal systems including SIEM and related security applications.
Investigate and resolve security issues across EMCOR.
Manage, upgrade, and maintain servers and applications for information security tools.
Work with operating companies to investigate incidents and alerts in the Security Incident and Event Management (SIEM) system.
Act as the subject matter expert on Sentinel related services for EMCOR.
Configure, manage, and maintain EMCOR’s Azure Sentinel Platform.
Manage and monitor Sentinel related data in a manner that balances cost effectiveness and access capabilities.
Add and maintain log sources as required.
Develop and maintain workbooks, playbooks, analytics and KQL Queries within the Azure Sentinel Platform that support security and IT Operations.
Track, manage, and follow-up on existing security issues.
Participate in security exercises.
Work with the overall security department to continually improve the security program.
Perform periodic reviews of operating company security processes.
Qualifications:
Minimum of 2 years experience in information technology.
Minimum of 2 years experience in information security management.
Minimum of 1 year experience in End Point Defense and Response (EDR).
Minimum of 3 years experience in System Information and Event Management (SIEM) Systems.
Minimum of 1 year experience managing an Azure Sentinel Platform.
CISSP or GSEC certification or higher education is preferable.
Ability to effectively communicate and interact with personnel at all levels.
Strong project management skills.
Must be capable of delivering a very high level of customer service.
Notice to prospective employees: There have been fraudulent postings and emails regarding job openings. EMCOR Group and its companies list open positions here (https://recruiting.ultipro.com/EMC1002EMCGI/JobBoard/cc563430-39f7-4c82-bdfe-62f295bd857a/?q=&o=postedDateDesc&w=&wc=&we=&wpst=) . Please check our available positions to confirm that a post or email is genuine.EMCOR Group and its companies do not reach out to individuals to help with marketing or other similar services. If an individual is contacted for services outside of EMCOR’s normal application process – it is probably fraudulent.As a leading provider of mechanical and electrical construction, facilities services, and energy infrastructure, we offer employees a competitive salary and benefits package and we are always looking for individuals with the talent and skills required to contribute to our continued growth and success. Equal Opportunity Employer/Veterans/Disabled#emcor#LI-MJ1QualificationsEducationRequired
High School or better
ExperienceRequired
2 years: Experience in information technology.
2 years: Experience in information security management.
1 year: Experience in End Point Defense and Response (EDR).
3 years: Experience in System Information and Event Management (SIEM) Systems.
1 year: Experience managing an Azure Sentinel Platform