Threat Monitoring Analyst - Chevron
Houston, TX, United States

Listing Description

Chevron is seeking a dynamic team individual for the Threat Monitoring team within the Cyber Threat Analysis and Monitoring organization. This individual is responsible for conducting robust security monitoring of Chevron’s vast computer network infrastructure. The analyst will possess current technical skills and have experience supporting a 24x7 Security Operations Center (SOC) in the areas of network security monitoring and detection operations. The candidate will be an excellent communicator and will interact with others from executive levels down throughout the company in structured and unstructured situations. This individual ensures appropriate processes are followed to triage relevant security events, and makes recommendations for process improvements in support of Lean Six Sigma / Lean IT initiatives. The analyst is a technical expert on intrusion detection and works closely with Cyber Incident Response Team (CIRT) and the Technical Intelligence team to ensure events are processed and triaged correctly and efficiently. The candidate will take part in shift work on either a morning (5:00 AM CST – 3:00 PM CST) or evening (12:00 PM CST – 10:00 PM CST) 4x10 schedule, along with Singapore-based counterparts, to support the CIC 24/7 operations.

Responsibilities for this position may include but are not limited to:

Responsible for operational processes and workflow of IPS/IDS/SIEM security event monitoring and analysis of cyber threat activity for the identification of advanced persistent threats and malware in near real-time.

Recognizes potential, successful, and unsuccessful intrusion attempts and compromises, and performs thorough reviews and analyses of relevant event detail and summary information.

Conducts packet analysis and modifies and adds custom monitoring policies and signatures within Intrusion Prevention Systems and Security Information and Event Management systems to account for lack of monitoring in areas as warranted by threat changes, such as zero-day threats.

Determines appropriate response action(s) required to mitigate risk and assist in providing threat and damage assessment for security threats which may impact Chevron networks.

Ensures all pertinent information is obtained to allow for the identification, categorization, and triage actions to occur in a time-sensitive environment.

Track and maintain knowledge and understanding of adversarial tactics, techniques, and procedures.

Conduct data tracking and analysis tasks in order to identify computer probes/exploits/attacks as they occur, including technical aspects of intrusion detection and providing substantial input to cyber threat countermeasures.

Gathers data and contributes to the creation of detailed security monitoring reporting that communicates effectively to every level of Chevron including monthly trends of incidents and detailed security events.

Optimizes SIEM effectiveness by working with analysts and developers within Security Operations to ensure signature quality and fine tuning.

Collaborates with technical and threat intelligence analysts to provide indications and warnings, and contributes to predictive analysis of malicious activity.

Coordinates activities across the integrated team ensuring that products merge threat and technical intelligence findings.

Develops collaborative information and knowledge sharing networks and builds alliances with colleagues and counterparts within and/or across the organization.

Possesses the ability to recommend and propose new technical analysis solutions within the intrusion detection and SIEM domains.

Provides input to assist with implementation of counter-measures or mitigating controls.

Performs activities per established documentation as needed, including SOPs to be used by team members.

Works within the security monitoring team to ensure functional coverage on a 24/7 basis; this may also include weekend work.

Ensures requests for information are answered in a thorough and expedient manner.


Listing Details

  • Citizenship: US Citizen
  • Incentives: Bonus

 

  • Education: No Requirements
  • Travel: No Travel
  • Telework: No Telecommute


