You desire impactful work.
You're RGA ready
RGA is a purpose-driven organization working to solve today's challenges through innovation and collaboration. A Fortune 500 Company and listed among its World's Most Admired Companies, we're the only global reinsurance company to focus primarily on life- and health-related solutions. Join our multinational team of intelligent, motivated, and collaborative people, and help us make financial protection accessible to all.
A Brief Overview
Responsible for supporting and executing standards, procedures, and processes to monitor, maintain, and create new detections. Supports telemetry health monitoring to ensure existing monitoring/alerts are performing as intended. Enables global Security Operations by participating in on-call rotations, alert triage, investigations, and engineering.
What you will do
Participates in 24/7 on-call rotation, alert triage, and investigations
Support the team in the Incident Response Lifecycle (readiness, training, response, command, post-mortem)
Utilizing CI/CD pipeline, assists with monitoring, maintaining, and optimizing existing detections to ensure high fidelity and low noise detections, inclusive of Detection Playbooks.
Supports the validation of security telemetry health and the identification of gaps in telemetry that may introduce risk to the organization.
Supports efforts to identify and close detection and telemetry gaps
Contributes to purple team exercises by assisting with hunt, data and detection validation.
Collaborates with team members and partner teams to capture detection requirements and implement new detections based upon those requirements.
Supports purple team engagements for the SOC, identifying and tracking findings, ensuring actionable detection recommendations and security improvements.
Performs other duties as assigned
Qualifications
Bachelor's degree or equivalent experience
Required
1+ year of hands-on experience in a Security Operations Center (SOC) or similar environment, with a focus on incident response, threat investigations or detection development
Foundational analytical skills with the ability to investigate activity across network, host, cloud, and identity platforms.
Ability to operate effectively in a globally distributed team environment.
Strong written and verbal communication skills with the ability to effectively collaborate with partner teams
1+ year experience creating automation workflows to scale security operations
1+ year experience using Threat Intelligence to enhance monitoring and detections
1+ year experience identifying and addressing telemetry gaps in security monitoring
1+ year experience contributing to purple team exercises, including supporting risk hunting, telemetry validation, and detection efficacy
Technical Requirements
General knowledge of SIEM/SOAR technology (Splunk, CrowdStrike, Sentinel, etc.)
EDR Platforms (CrowdStrike, Microsoft Defender, etc.)
Network and client / server technologies and standards
Malware prevention and remediation
General knowledge of Cloud Computing Security (AWS, Azure, GCP)
AM/AAA technologies and architectures (Entra/Active Directory, Okta, OpenID, SAML, OAuth, JWT, LDAP)
General email security concepts
M365 Suite and Environment
Forensic tools (FTK, Encase, X-Ways, SIFT)
ServiceNow