The Cybersecurity Analyst supports the risk mitigation efforts of our clients' Cyber Defense Operations (CDO) under the Information Security and Technology Risk group in order to safeguard and protect our information assets and critical data from current and emerging Cyber threats.
The Lead will apply their cybersecurity skills and knowledge to the day-to-day management of cyber activities, including but not limited to:
- Use provided tools to perform continual monitoring and analysis of system activity to identify malicious activity and configure mitigations.
- Maintain various security tools and technologies, such as advanced malware detection, DDoS protection, IDS/IPS, DLP and anti-spam, as well as other cyber threat intelligence and vulnerability management capabilities.
- Coordinate with other departments to manage and administer the updating of rules and signatures across the information security stack.
- Conduct research, trend analysis, correlation and reporting across a wide variety of internal and external source data sets (e.g., network, OS, DB and application logs and alerts).
- Support the triage, investigation and response of cybersecurity incidents. Analyze identified malicious activity in the computing environment to determine the weaknesses exploited, the exploitation methods used, and the effects on systems and information.
- Prioritize and assign tasks to other team members as appropriate.
- Lead Cybersecurity awareness program and training exercises.
What We’re Looking For
- Completed university degree in Computer Science, Cybersecurity or a related technical field.
- 5 years' experience as a cybersecurity analyst or information systems security administrator, or specialized expertise in cyber incident management, intelligence, analytics or audit.
- CISSP preferred but not required.
The Expertise You Bring
- Proficient, demonstrated experience in managing network security, UNIX and Windows operating system security, and database security. Scripting knowledge of PowerShell, SQL and Excel VBA.
- Excellent knowledge of cybersecurity detect-and-respond methodologies, standards and best practices.
- Knowledge of security threats, common attack vectors and the use of security tools to monitor the technology infrastructure and computing environment.
- Understanding of complex, enterprise-wide information systems security architecture and how network, application and host-based security controls work.
- Understanding of the underlying protocols and technologies, including HTTP, HTTPS, SQL, TCP/IP and Active Directory. Experience in cloud security and integration (preferably AWS).
- Good understanding of systems development life cycle and secure application development.