Overview We are seeking a full-time Cyber Security Analyst 2 at Garmin's U.S. headquarters in the Greater Kansas City area.

In this role, you will be responsible for performing security monitoring, conducting investigations, and developing solutions to remediate cyber threats to the Garmin IT environment.

Essential Functions Provide recommendations to stakeholders on potential solutions to cyber security threats Create/update analytical paths (playbooks) based on trend analysis to triage and remediate security events to improve/prevent incident response while minimizing business impact Provide incident reporting for internal/external cyber investigations to support business functions Coordinate efforts with Security Engineering Team to enforce enterprise standards, policies, and regulations Analyze security events - network traffic, endpoint indicators, and various log sources to identify threats, assess potential damage, and perform countermeasures while considering business risk Perform research on the latest threats and technological advancements in combating adversarial tactics and make recommendations on potential solutions Correlate incident data to identify specific vulnerabilities and make recommendations that enable expeditious remediation Review and validate security compliance reports to track business as usual and out of policy activities Serve as mentor to level 1 team members on the SOC, IT Operations, and Service Desk Ability to support Garmin’s Security Operations Center as needed and to support 24/7 coverage and weekend and/or night coverage may be required Basic Qualifications Bachelor’s Degree in Computer Science, Information Technology, Management Information Systems, Business, or related field AND a minimum of 1 year relevant experience OR an equivalent combination of education and relevant experience Possess analytical skills and strong ability to maintain composure and remain diplomatic under highly stressful situation Demonstrated experience and knowledge of security related technologies such as intrusion prevention and detection systems, web proxies, SIEM, SOAR, EDR, firewalls, web application scanner, vulnerability scanners and forensics tools

Experience: with system hardening techniques and methodologies Familiarity with MITRE ATT&CK Framework and Cyber Kill Chain methodology Strong multitasking skills to be able to effectively manage multiple activities, including cross-team dependent activities simultaneously Demonstrated effective verbal, written, and interpersonal communication skills Must be team-oriented, possess a positive attitude and work well with others Understanding of TCP/IP networking, web infrastructure applications, tools and processes used in security incident detection and response Desired Qualifications Security + certification Other security certifications (GCIH, GCED, CISSP)

Experience: with cyber security policies and implementation of Risk Management Framework (RMF)

Experience: with NIST 800-53 and/or NIST Cyber Security Framework (CSF)

Experience: in Security Orchestration, Automation, and Response (SOAR) and Security information and event management (SIEM) Platforms

Experience: with log management platforms (Splunk, Elastic search/Logstash/Kibana

• ELK / Elastic Stack) System administration experience: Windows and Linux/Unix Scripting OR development experience (Python, JavaScript, PowerShell, C#, Perl) Garmin International is an equal opportunity employer.

Qualified applicants will receive consideration for employment without regard to race, religion, color, national origin, citizenship, sex, sexual orientation, gender identity, veteran’s status, age or disability.

This position is eligible for Garmin's benefit program.

Details can be found here: Garmin Benefits
Essential Functions Provide recommendations to stakeholders on potential solutions to cyber security threats Create/update analytical paths (playbooks) based on trend analysis to triage and remediate security events to improve/prevent incident response while minimizing business impact Provide incident reporting for internal/external cyber investigations to support business functions Coordinate efforts with Security Engineering Team to enforce enterprise standards, policies, and regulations Analyze security events - network traffic, endpoint indicators, and various log sources to identify threats, assess potential damage, and perform countermeasures while considering business risk Perform research on the latest threats and technological advancements in combating adversarial tactics and make recommendations on potential solutions Correlate incident data to identify specific vulnerabilities and make recommendations that enable expeditious remediation Review and validate security compliance reports to track business as usual and out of policy activities Serve as mentor to level 1 team members on the SOC, IT Operations, and Service Desk Ability to support Garmin’s Security Operations Center as needed and to support 24/7 coverage and weekend and/or night coverage may be required
Basic Qualifications Bachelor’s Degree in Computer Science, Information Technology, Management Information Systems, Business, or related field AND a minimum of 1 year relevant experience OR an equivalent combination of education and relevant experience Possess analytical skills and strong ability to maintain composure and remain diplomatic under highly stressful situation Demonstrated experience and knowledge of security related technologies such as intrusion prevention and detection systems, web proxies, SIEM, SOAR, EDR, firewalls, web application scanner, vulnerability scanners and forensics tools

Experience: with system hardening techniques and methodologies Familiarity with MITRE ATT&CK Framework and Cyber Kill Chain methodology Strong multitasking skills to be able to effectively manage multiple activities, including cross-team dependent activities simultaneously Demonstrated effective verbal, written, and interpersonal communication skills Must be team-oriented, possess a positive attitude and work well with others Understanding of TCP/IP networking, web infrastructure applications, tools and processes used in security incident detection and response Desired Qualifications Security + certification Other security certifications (GCIH, GCED, CISSP)

Experience: with cyber security policies and implementation of Risk Management Framework (RMF)

Experience: with NIST 800-53 and/or NIST Cyber Security Framework (CSF)

Experience: in Security Orchestration, Automation, and Response (SOAR) and Security information and event management (SIEM) Platforms

Experience: with log management platforms (Splunk, Elastic search/Logstash/Kibana

• ELK / Elastic Stack) System administration experience: Windows and Linux/Unix Scripting OR development experience (Python, JavaScript, PowerShell, C#, Perl) Garmin International is an equal opportunity employer.

Qualified applicants will receive consideration for employment without regard to race, religion, color, national origin, citizenship, sex, sexual orientation, gender identity, veteran’s status, age or disability.

This position is eligible for Garmin's benefit program.

Details can be found here: Garmin Benefits