Information Security Operations Analyst-1 at First American in Santa Ana, California

Posted in Other 18 days ago.

Job Description:

Company Summary

Join our team! As a global leader in providing title insurance, settlement services and risk solutions for real estate transactions, First American (NYSE: FAF) is an ideal place to build your career. We have been entrusted with helping our customers achieve and protect their dream of homeownership since 1889. We believe that our people are the key to the company's continued success, and we invest in diverse talents and backgrounds and empower our teams to achieve more than they could anywhere else. First American has created an award-winning culture and has been named to the Fortune 100 Best Companies to Work For list for the fifth consecutive year and to more than 50 regional Best Places to Work lists. For more information, please visit

Job Summary

Information Security Analyst

Job Description


Analysts in the Security Operations Center (SOC) work alongside security engineers and SOC managers. They are responsible for ensuring the protection of digital assets from unauthorized access, use, disclosure, disruption, modification, perusal, inspection, or destruction, both online and on-premises.

The SOC Analyst's primary responsibility is to identify, secure, and weed out threats as front-line defense personnel. They should alert and apply aggressive filters to quickly identify suspicious activity and mitigate risks before any incident occurs. They work in coordination with other departments in identifying and correcting flaws in existing processes, systems, programs, and solutions while recommending measures to improve the overall security posture. The SOC is also responsible for operating and supporting enterprise security tools.


  • Monitor security access and report suspicious activity to a higher level or team members

  • Conduct security assessments regularly to identify vulnerabilities and perform risk analysis.

  • Analyze the breach to reach the root cause.

  • Generate reports for IT administrators, business managers, and security leaders. These reports serve as an input to evaluate the efficacy of the security policies.

  • Advise on and implement necessary changes required to counter the attack or improve security posture.

  • Perform operational activities on security tools and contribute to tuning and security strategies.

  • Document incidents to contribute to incident response and disaster recovery plans.

  • Perform internal and external security audits.

  • Conduct risk assessments, interviewing internal and external customers, to gain technical knowledge of security/compliance requirements.

  • Maintain firewall access control policies

  • Provide technical support/troubleshooting for security services

  • Fulfill security service requests including but not limited to firewall rule changes, web filtering exceptions and encryption/decryption policy updates

  • Participate in an on-call rotation schedule to provide incident response and project support.

Knowledge and Skills/Technology Used

Should have hands-on working experience with the following technologies:

  • Experience with security incident response handling

  • Logging and monitoring: SIEM and Cloud Access Security Broker (CASB)

  • Endpoint security: AntiVirus, DLP and host compliance scan

  • Network security: IPS/IDS, traditional and next-gen firewalls, cloud security group, decryption

  • Data Protection: encryption/decryption, HSM, KMS, DLP

  • Windows and Unix operating systems

  • Cloud Security, infrastructure and cloud native services

  • Networking, network protocols and network services

Typical Education

Bachelor's Degree, Information Systems, Computer Science, Information Security, Telecommunications or equivalent work experience required.

Typical Range of Experience

Must have a minimum of 2+ years of information security experience.

Should have a minimum of 1-2 years of experience with networking technologies.

Experience in implementing Information Security technologies and/or processes required.

Experience in defining Information Security strategy and integrating security technologies into corporate frameworks.

License or Certification

Certification: CISSP, GIAC, C|SA and certifications for various security technologies are preferred.

First American invests in its employees' development and well-being, empowers them to provide superior customer service and encourages them to serve the communities where they live and work. First American is committed to diversity and inclusion. We are an equal opportunity employer.

Based on eligibility, First American offers a comprehensive benefits package including medical, dental, vision, 401K and other great benefits like an employee stock purchase plan. For more information about our Company and our dedication to putting People First, check out