Listing Description
Do you enjoy solving advanced technical problems and working with best-of-breed security tools on a team of highly skilled Cybersecurity Analysts and Engineers? Yearn for the opportunity to identify and respond to incidents and threats for a global enterprise? Enjoy building and maintaining successful relationships through direct interaction with peers, managers, and other technical teams? Enjoy partnering with management to build a collaborative working environment while promoting high standards and exercising good judgment and professionalism? If you do, then it sounds like you are just the person we are looking for to join our Enterprise Security team at T. Rowe Price.
As a Sr. Cybersecurity Analyst, Incident Response you will:
•Stay abreast of new threats, risks and vulnerabilities
•Review events generated by various security systems and investigate as needed
•Analyze suspicious files, email and suspected malware
•Identify and respond to cyber-security incidents in accordance with the Incident Response process
•Document lessons learned and make recommendations on any additional controls that are needed to prevent the incident from recurring
•Build new mitigating controls and develop signatures for existing controls
•Proactively apply threat intelligence and hunt for threats in the environment
•Assess the latest security technologies and make recommendations based on their potential to enhance the security of the enterprise
In this position, you will work in an environment where challenging technical issues will test your knowledge, skills and abilities on a regular basis. You will work with a highly skilled team of Cybersecurity Analysts and Engineers who are continuously striving for the highest standards in order to ensure the security of both our physical and virtual infrastructure.
We are looking for an inquisitive, highly motivated and experienced individual who is passionate about cybersecurity. This is an excellent opportunity to continue growing your information security skills in this exciting time of virtualization, automation and orchestration.
QUALIFICATIONS
Preferred
•Experience in a 24x7 global enterprise, preferably in the Financial industry
•SANS GIAC certifications
•Experience managing or maintaining malware analysis sandboxes
•Knowledge of malware analysis tools
•Python and/or PowerShell scripting
•Knowledge of Splunk or other SIEM tools
Required
•2+ years of relevant experience
•Excellent communication and interpersonal skills
•Understanding of the business and the ability to assess and address risk without negatively impacting the business
•Ability to work effectively as part of a team
•Ability to show initiative and take on new tasks as assigned
•Ability to effectively communicate risk as it relates to the business
•Ability to identify and analyze malicious code
•In-depth understanding of Windows operating systems
•Ability to evaluate exploit code in relationship to existing security controls
•Strong knowledge of networking and internetworking technologies (TCP/IP, HTTP, SMTP, etc.)
•Strong knowledge of web application vulnerabilities and solutions
•Ability to identify vulnerabilities in networks, systems and applications using COTS tools and manual processes
•General knowledge of network and systems forensics
•In-depth understanding of incident response processes and procedures
•General knowledge of threat intelligence
•General knowledge of Unix & Linux operating systems
•General knowledge of the functions of various security infrastructure, including firewalls, Intrusion Prevention Systems, Proxy Servers, Security Event Managers, VPNs
•General knowledge of web application technologies (HTML, JavaScript, etc.)
•Ability to provide 24-hour on-call support one week per month (typically only a few calls that week)
Listing Details
- Citizenship: US Citizen
- Incentives: Bonus
- Education: Bachelor's Degree
- Travel: No Travel
- Telework: No Telecommute