Lead Security Incident Response Analyst (Hybrid Preferred)

Who We Are
Join a team that puts its People First! Since 1889, First American (NYSE: FAF) has held an unwavering belief in its people. They are passionate about what they do, and we are equally passionate about fostering an environment where all feel welcome, supported, and empowered to be innovative and reach their full potential. Our inclusive, people-first culture has earned our company numerous accolades, including being named to the Fortune 100 Best Companies to Work For® list for eight consecutive years. We have also earned awards as a best place to work for women, diversity and LGBTQ+ employees, and have been included on more than 50 regional best places to work lists. First American will always strive to be a great place to work, for all. For more information, please visit www.careers.firstam.com.
What We Do
The Lead Information Security Analyst for the Security Incident Response (SIR) team is responsible for understanding complex business information technology needs specifically focused on the information security infrastructure services. Assumes the lead role supporting the Security Operations Manager in monitoring, investigating, and responding to security events. Provides guidance and prioritization to tasks, as well as assigning tasks and mentoring the team as needed. Provides long-term solutions to Information Technology needs, including protecting information and information systems from unauthorized access, use, disclosure, disruption, modification, perusal, inspection, recording or destruction.
What You'll Do:

• Acts as the team's resource and subject matter expert to answer questions and create resolutions using experience, best practices and sound judgment.
• Provides technical leadership among a global team of highly skilled security analysts/subject matter resources.
• Responsible for assessing information risk and facilitates remediation of identified vulnerabilities for IT security and IT risk across the enterprise.
• Identifies opportunities to reduce risk and documents remediation options regarding acceptance or mitigation of risk
• Conducts risk assessments and interviewing internal and external customers, to gain technical knowledge of security/compliance requirements and to support the business.
• Responsible for security audits and testing. Evaluates system security configurations to ensure efficacy and compliance with policies and procedures.
• Analyzes threats and current security controls as well as current team procedures/processes to identify gaps in the company's security posture.
• Mentors other analysts across the team, leading by example and insisting on high standards.
• Ensures procedural documentation of team functions are updated on a routine basis.
• Anticipates, identifies, and escalates appropriate issues to Manager/Director.
• Provides reports or data points as input to senior management on function-wide metrics and performance as well as provide input to KRI and KPI reporting.
• Reports up on areas of opportunities and/or concerns.
• Ensures compliance with information security standards, policies, and procedures.
• Communicates and implements industry best practices and solutions employed in the information security space.
• Creative self-starter who can think through a task from start to finish and has the technological vision to support the operational and security needs of the enterprise.
• Required to perform duties outside of normal work hours based on business needs.

What You'll Bring

• 5+ years of experience with networking security technologies for the following security technologies are required: Network security: next-gen firewalls, cloud security group, ACLs, Logging and monitoring: SIEM and Cloud Access Security Broker (CASB), Endpoint security: Antivirus, DLP and host compliance, Azure/AWS cloud services and infrastructure
• 5+ years of experience in administering IT security controls in an organization
• Prior experience performing security reviews and risk assessments
• Demonstrated leadership experience in progressively responsible roles in a demanding environment
• Bachelor's degree in Information Systems, Information Security, Computer Science or equivalent combination of education and experience
• 5-7 years of IT security or information security experience with a proven ability to understand complex problems within the field of security operations
• Ability to effectively convey complex issues and communicate to a variety of audiences including technical staff, peers, as well as senior management, and oversight bodies.
• Knowledge of technical infrastructure, networks, databases, and systems in relation to IT Security and IT Risk
• Windows workstation and server administration experience
• Experience in product evaluation and managing vendor relationships
• Excellent written and verbal communication skills
• Excellent interpersonal, relationship-building and teamwork skills
• Experience managing projects with complex inter-dependencies, focusing on both long-range projects and immediate tasks

Pay Range: $87,945- $135,300 annually
This hiring range is a reasonable estimate of the base pay range for this position at the time of posting. Pay is based on a number of factors which may include job-related knowledge, skills, experience, business requirements and geographic location.
What We Offer
By choice, we don't simply accept individuality - we embrace it, we support it, and we thrive on it! Our People First Culture celebrates diversity, equity and inclusion not simply because it's the right thing to do, but also because it's the key to our success. We are proud to foster an authentic and inclusive workplace For All. You are free and encouraged to bring your entire, unique self to work. First American is an equal opportunity employer in every sense of the term.
Based on eligibility, First American offers a comprehensive benefits package including medical, dental, vision, 401k, PTO/paid sick leave and other great benefits like an employee stock purchase plan.