Listing Description
As a Cybersecurity Analyst, Incident Response you will:
• Stay abreast of new threats, risks and vulnerabilities
• Review events generated by various security systems and investigate as needed
• Analyze suspicious files, email and suspected malware
• Identify and respond to cyber-security incidents in accordance with the Incident Response process
• Document lessons learned and make recommendations on any additional controls which are needed to prevent the incident from recurring
• Build new mitigating controls and develop signatures for existing controls
• Proactively apply threat intelligence and hunt for threats in the environment
• Assess the latest security technologies and make recommendations based on their potential to enhance the security of the enterprise
In this position, you will work in an environment where challenging technical issues will test your knowledge, skills and abilities on a regular basis. You will work with a highly skilled team of Cybersecurity Analysts and Engineers who are continuously striving for the highest standards in order to ensure the security of both our physical and virtual infrastructure.
We are looking for an inquisitive, highly motivated and experienced individual who is passionate about cyber security. This is an excellent opportunity to continue growing your information security skills in this exciting time of virtualization, automation and orchestration.
QUALIFICATIONS
Preferred
Experience in a 24x7 global enterprise, preferably in the Financial industry
SANS GIAC certifications
Experience managing or maintaining malware analysis sandboxes
Knowledge of malware analysis tools
Python and/or PowerShell scripting
Knowledge of Splunk or other SEM tools
Required
Excellent communication and interpersonal skills
Understanding of the business and the ability to assess and address risk without negatively impacting the business
Ability to work effectively as part of a team
Ability to show initiative and take on new tasks as assigned
Ability to effectively communicate risk as it relates to the business
Ability to identify and analyze malicious code
In-depth understanding of Windows operating systems
Ability to evaluate exploit code in relationship to existing security controls
Strong knowledge of networking and internetworking technologies (TCP/IP, HTTP, SMTP, etc.)
Strong knowledge of web application vulnerabilities and solutions
Ability to identify vulnerabilities in networks, systems and applications using COTS tools and manual processes
General knowledge of network and systems forensics
In-depth understanding of incident response processes and procedures
General knowledge of threat intelligence
General knowledge of Unix & Linux operating systems
General knowledge of the functions of various security infrastructure, including firewalls, Intrusion Prevention Systems, Proxy Servers, Security Event Managers, VPNs
General knowledge of web application technologies (HTML, JavaScript, etc.)
Ability to provide 24-hour on-call support one week per month (typically only a few calls that week)
Listing Details
- Citizenship: US Citizen
- Incentives: Bonus
- Education: Bachelor's Degree
- Travel: No Travel
- Telework: No Telecommute