You desire impactful work.
You’re RGA ready
RGA is a purpose-driven organization working to solve today’s challenges through innovation and collaboration. A Fortune 500 Company and listed among its World’s Most Admired Companies, we’re the only global reinsurance company to focus primarily on life- and health-related solutions. Join our multinational team of intelligent, motivated, and collaborative people, and help us make financial protection accessible to all.
A Brief Overview
Responsible for supporting and executing the standards, procedures, and processes used to monitor, maintain, and create detections. Supports telemetry health monitoring to ensure existing monitoring and alerts perform as intended. Enables global Security Operations by participating in on-call rotations, alert triage, investigations, and engineering.
What you will do
- Participates in the 24/7 on-call rotation, alert triage, and investigations
- Supports the team across the Incident Response Lifecycle (readiness, training, response, command, post-mortem)
- Using the CI/CD pipeline, assists with monitoring, maintaining, and optimizing existing detections to ensure high-fidelity, low-noise detections, including their Detection Playbooks
- Supports the validation of security telemetry health and the identification of telemetry gaps that may introduce risk to the organization
- Supports efforts to identify and close detection and telemetry gaps
- Contributes to purple team exercises by assisting with hunting, data validation, and detection validation
- Collaborates with team members and partner teams to capture detection requirements and implement new detections based on those requirements
- Supports purple team engagements for the SOC, identifying and tracking findings and ensuring actionable detection recommendations and security improvements
- Performs other duties as assigned
Qualifications
Bachelor’s degree or equivalent experience
Required
- 1+ year of hands-on experience in a Security Operations Center (SOC) or similar environment, with a focus on incident response, threat investigations or detection development
- Foundational analytical skills with the ability to investigate activity across network, host, cloud, and identity platforms
- Ability to operate effectively in a globally distributed team environment.
- Strong written and verbal communication skills with the ability to collaborate effectively with partner teams
- 1+ year experience creating automation workflows to scale security operations
- 1+ year experience using Threat Intelligence to enhance monitoring and detections
- 1+ year experience identifying and addressing telemetry gaps in security monitoring
- 1+ year experience contributing to purple team exercises, including supporting risk hunting, telemetry validation, and detection efficacy
Technical Requirements
- General knowledge of SIEM/SOAR technology (Splunk, CrowdStrike, Sentinel, etc.)
- EDR Platforms (CrowdStrike, Microsoft Defender, etc.)
- Network and client / server technologies and standards
- Malware prevention and remediation
- General knowledge of Cloud Computing Security (AWS, Azure, GCP)
- AM/AAA technologies and architectures (Entra/Active Directory, Okta, OpenID, SAML, OAuth, JWT, LDAP)
- General email security concepts
- M365 Suite and Environment
- Forensic tools (FTK, EnCase, X-Ways, SIFT)
- ServiceNow
What you can expect from RGA:
Gain valuable knowledge from and experience with diverse, caring colleagues around the world.
Enjoy a respectful, welcoming environment that fosters individuality and encourages pioneering thought.
Join the bright and creative minds of RGA, and experience vast, endless career potential.