Cyber Security Analyst

A leading global electronic manufacturing firm

ESSENTIAL FUNCTIONS:
• Tests and evaluates security systems, makes minor improvements, allowing for real-time monitoring and analysis of security alerts.
• Provides second and third tier support for complex potential security incidents reported by customers and identified by monitoring tools.
• Monitors and analyzes network traffic for anomaly reporting and identification of suspicious activity.
• Makes significant efforts to remain technically current with the latest security techniques and trends in the industry that translate to operational action items.
• Evaluates security requirements and conducts feasibility studies to examine software requirements, administration costs, information flow, and makes computer security solutions recommendations to management.
• Make recommendations for changes to the environment that can help in the removal of vulnerabilities and reduction in the risk of exploitation that may result in potential incidents.
• Works with multiple teams to complete full employee investigations and legal discoveries.
• Creates and makes improvements to instruction and knowledge articles for security systems
• Provides reliable and innovative solutions to a variety of problems using advanced problem-solving techniques including performing root cause analysis and identification of corrective action for given problems.
• Interfaces with Cyber Engineering team to validate compliance requirements with enterprise standards, policies and regulations.
• Acts as a security advocate for the entire IT Security team to promote participation and adherence to security policies and procedures.
• Demonstrates exemplary use and knowledge of standards and procedures for task-oriented operations.
• Recommends changes or improvements to policies and procedures in order to improve efficiencies and provides technical input to solution development plans and concept documents.
• Utilizes ticket management systems to track customer issues and requests and provides KPI metric reporting based on actuals and trends to assure SLAs are maintained.
• Assists non-technical associates and management with technology matters.
• Contributes to technical research on new technologies, processes or procedures.
• Works with senior team members to develop reliable solutions to complex problems using ingenuity and creativity.
• Avoids potential security threats and driving counter measure developments for IT managed systems.
• Ensures that all processes and procedures are followed and identified security requirements are met or exceeded
• Demonstrates understanding of business impacts of issues and how they relate to IT owned solutions.
• Mentors junior level team members of the SOC and IT Operations
• Applies Companies Mission Statement and Quality Policy and exhibits enthusiasm for and a desire to see succeed

OTHER RESPONSIBILITIES:
• Perform other duties as necessary

EDUCATION EXPERIENCE AND SKILLS REQUIRED:
• Bachelor of Science Degree in Computer Science, Information Technology, Management Information Systems, Business or another relevant field AND a minimum of 3-5 years’ relevant experience OR a Master of Science Degree in one of the fields noted above AND a minimum of 2 years’ relevant experience OR equivalent combination of education and experience.
• Outstanding academics with the demonstrated ability to apply learned knowledge.
• Demonstrated ability to troubleshoot advanced technical issues and use of infrastructure research tools.
• Proven ability to research, teach and develop team members and implement new technologies effectively
• Demonstrated ability to exercise strong and effective verbal, written, and interpersonal communication skills in a small team setting.
• Must be team-oriented, possess a positive attitude and work well with others.
• Demonstrated ability to work and lead in a team environment.
• Lead in design and/or deployment, and maintenance of new and existing security infrastructure capabilities.
• Demonstrated ability to maintain technically current through outside research, study, and training.
• Information security related experience, in areas such as: security operations, incident analysis, incident handling, and vulnerability management or testing, system patching, log analysis, intrusion detection, or firewall administration.
• Support design/deployment/maintenance of new and existing security infrastructure capabilities.
• Must be detail-oriented and have the ability to work proactively and effectively with minimal supervision.
• Familiarity with MITRE ATT&CK Framework and Cyber Kill Chain methodology.
• Possess advanced analytical skills and strong ability to maintain composure and remain diplomatic under highly stressful situations and make security decisions impactful to the business.
• Strong multitasking skills to be able to effectively manage multiple activities, including cross-team dependent activities simultaneously.
• Demonstrated effective verbal, written, and interpersonal communication skills.
• Consistently demonstrates quality and effectiveness in work documentation and organization.

DESIRABLE QUALIFICATIONS:
• Information security related experience, in areas such as: security operations, incident analysis, incident handling, and vulnerability management or testing, system patching, log analysis, intrusion detection, or firewall administration.
• Working experience and knowledge of security related technologies such as intrusion prevention and detection systems, web proxies, SIEM, firewalls, SOAR, EDR, web application scanner, vulnerability scanners and forensics tools
• Ability to work in a fast paced, dynamic environment
• CISSP certification
• Other security certifications (GCIH, GCED, CISSP)
• Experience with NIST 800-53 and/or NIST Cyber Security Framework (CSF)
• Experience with cyber security policies and implementation of Risk Management Framework (RMF) and compliance reporting
• Experience with administrating/development of Security Orchestration, Automation, and Response (SOAR) and Security information and event management (SIEM) Platforms
• Experience with administrating/development of log management platforms (Splunk, Elastic search/Logstash/Kibana - ELK / Elastic Stack)
• System administration experience: Windows and Linux/Unix Scripting OR development experience (Python, Javascript, Powershell, C#, Perl)