Cybersecurity Analyst (SOC) - Mid Level

SPTS division of KLA designs, manufactures and markets wafer processing solutions for the global semiconductor and related industries. SPTS provides industry leading etch and deposition process technologies on a range of single wafer handling platforms. End-market applications include MEMS, advanced packaging, LED, high speed RF device ICs and power semiconductors. SPTS is part of KLA Corporation which develops industry-leading equipment and services that enable innovation throughout the electronics industry. We provide advanced process control and process-enabling solutions for manufacturing wafers and reticles, integrated circuits, packaging, printed circuit boards and flat panel displays. In close collaboration with leading customers across the globe, our expert teams of physicists, engineers, data scientists and problem-solvers design solutions that move the world forward.

The Cybersecurity group at KLA is involved in every aspect of the global business. The KLA Cybersecurity group defends against cyber-attacks and provides cybersecurity tools, incident response services and assessment capabilities to safeguard the environments that support the essential operations of KLA. We are passionate about identifying adversarial activities and anticipating a wide variety of threats to strengthen our defenses and the overall protection of KLA Intellectual Property.

The SOC Analyst is responsible for incident response, threat hunting, and maintaining the security tools that are used to secure our environment. This individual will have a specific focus on Incident Response, tuning detection rule-sets, and generating and responding to tickets across relevant IT and Cybersecurity teams.

• As an active member of the team, which monitors and process responses for security events on a 24x7 basis.
• Security alert monitoring, triage, and analysis to prioritize and differentiate between potential intrusion attempts and false alarms.
• Actively perform detection, monitoring, analysis, and resolution of security incidents.
• Must be able to prioritize their own work and tasks for response
• Participate in the execution of regular incident response and postmortem exercises.
• Facilitate the development and tuning of AV, EDR, SIEM, and DLP rules to ensure high fidelity alerting.
• Communication with management as the need arises: keeping informed of incident progress, notifying of impending changes or agreed outages.
• Generate reports from different data sources and present to management as required.
• Must be able to maintain awareness of trends in security regulatory, technology, and operational requirements.

• Some domestic and/or international travel (up to 10%) may be required.
• Ability to communicate clearly with other team members

KLA\'s benefits package includes: Annual leave starting at 25 days (plus bank holidays), contributory pension scheme, cash health plan, cycle to work scheme, global bonus plan, share scheme, rewards scheme and life assurance!

We offer a competitive, family friendly total rewards package. We design our programs to reflect our commitment to an inclusive environment, while ensuring we provide benefits that meet the diverse needs of our employees.

KLA is proud to be an equal opportunity employer.

• Extensive related experience in cybersecurity or related technologies such as: firewalls/AV/EDR/IPS/IDS/SIEM, and forensic tools.
• Experience working in or with a Security Operations Center (SOC) in an Incident Responder role.
• Proficiency in Operating Systems (Windows/Linux/Mac).
• Technical awareness: ability to match resources to technical issues appropriately.

• Bachelor\'s Degree or equivalent experience in an Information Security/related IT field.
• Relevant security related certification(s) a plus: CISSP, GCIA, GSEC, GCIH, GCED, GCFA, GREM.

KLA is proud to be an equal opportunity employer.

Be aware of potentially fraudulent job postings or suspicious recruiting activity by persons that are currently posing as KLA employees. KLA never asks for any financial compensation to be considered for an interview, to become an employee, or for equipment. Further, KLA does not work with any recruiters or third parties who charge such fees either directly or on behalf of KLA. Please ensure that you have searched KLA’s Careers website for legitimate job postings. KLA follows a recruiting process that involves multiple interviews in person or on video conferencing with our hiring managers. If you are concerned that a communication, an interview, an offer of employment, or that an employee is not legitimate, please send an email to talent.acquisition@kla.com to confirm the person you are communicating with is an employee. We take your privacy very seriously and confidentially handle your information.