The Cyber Security Analyst provides consulting and technical services as assigned by the Chief Information Security Officer. The Cyber Security Analyst will perform daily tasks associated with cyber security incident response and cyber security investigations including incidents, issues, and analysis.
The incumbent will assist in the development of new processes and procedures for gathering, handling, searching, and retrieving, digital and/or physical evidence related to security incidents and investigations. Additionally, the Cyber Security Analyst will be responsible to manage the vulnerability scanning program and function.
The Cyber Security Analyst will maintain key relationships with information technology, legal, human resources, and other appropriate business units to ensure all incident response activities and investigations are conducted in a manner commensurate with local laws, regulatory obligations, and approved bank practices.
The Cyber Security Analyst must integrate process with technology incident response, crisis management, business continuity, and corporate security. This role requires experience in all phases of incident response including preparation, notification, response, recovery, analysis, and post-mortem. The incumbent must exhibit strong coordination and communications skills with a demonstrated track record of collaboration, communicating clearly and effectively to executive leadership and customer/client stake holders.
The candidate that fulfills this role will be expected to have outstanding process development and documentation experience and excellent intra-business relationship management skills in addition to exceptional technical expertise. This role interacts with all levels of the organization, particularly within the IT organization and is viewed as a subject matter expert for security events. Specifically, the position is responsible for:
- Response to security incidents across a wide array of technologies. Mitigate and contain impact from security events, coordinate remediation efforts, summarize and make recommendations to senior management for improvements
- Investigation of network intrusions and other cyber security incidents to determine the cause and extent of the breach. Includes ability to perform host-based and network-based analysis across all major operating systems and network device platforms
- Authors incident response reports and lessons learned to include root cause analysis (RCA)
- Security event monitoring, investigation, and overall incident response process
- Driving efforts towards containment of threats and remediation of environment during or after an incident
- Serve as a technical lead on proactive engagements, such as compromise assessments and incident preparedness engagements, including tabletop exercises
- Develop and enhance cyber incident response processes and procedures leveraging relationships with front line operations teams and available tools and systems
- Ability to anticipate and respond to changing priorities and operate effectively in a dynamic demand-based environment, requiring extreme flexibility and responsiveness to security matters and corporate needs
- Perform related duties as required
Qualifications / requirements:
- Experience in leading major incident events and distributed concise, accurate incident status communication protocols throughout enterprise
- Established processes for immediate response to high profile threats and vulnerabilities
- Worked with stakeholders and vendors to manage critical incidents from managed service offerings
- Experience creating trending, metrics, and management reports
- Experience across the following technical concentrations:
- Network-Based Security Controls (Firewall, IPS, WAF, MDS, Proxy, VPN)
- Anomaly Detection and Investigation
- Command line tools (grep, powershell, python), and other programming languages.
- Operating Systems (Linux, Windows, Mac required)
- Vulnerability management (Qualys preferred)
- Log analysis of Windows Event Logs, Apache, IIS, and firewall logs. Proficiency in Splunk and Securonix
- Data Loss Prevention technology (Symantec preferred).
- Deep understanding of vulnerability scanning, network protocols and troubleshooting
- Well-developed analytic, qualitative, and quantitative reasoning skills. Demonstrated creative problem solving abilities.
- Assemble and coordinate with technical teams and third-party vendors to resolve incidents as quickly and efficiently as possible.
- Ensure that all incidents are recorded and tracked to meet audit and legal requirements where necessary.
- Manage the vulnerability Scanning program and perform vulnerability assessments to identify weaknesses and assess the effectiveness of existing controls
- Ability to analyze large data sets and unstructured data for the purpose of identifying trends and anomalies indicative of malicious activity, as well as demonstrated capability to learn and develop new techniques
- Strong knowledge of current security threats, techniques, and landscape, as well as a dedicated and self-driven desire to research current information security landscape
- Ability to research, develop, and keep abreast of tools, techniques, and process improvements in support of security detection and analysis in accordance with current and emerging threat and attack vectors
- Planning and project management
- Bachelor’s degree in computer science or technology-related field (or equivalent work experience)
- Data Analytics industry experience preferred but not required
- Ability to establish and maintain a professional working relationship with all levels of staff, hospital clients and the public.
- Detail oriented with the ability to work with minimum/no supervision.
- Ability to understand and follow verbal and written communications.
- Willingness to be a part of a team-unit and cooperate in the accomplishment of departmental goals and objectives.
- Minimum of 5 years in information security
Diversity creates a healthier atmosphere: Sentry Data Systems, Inc. is an Equal Employment Opportunity and Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, age, national origin, protected veteran status, disability status, sexual orientation, gender identity or expression, marital status, genetic information, or any other characteristic protected by law.