Cyber Security Analyst
Demonstration of leadership abilities in a large corporate environment, as well as a strong comprehension of malware, emerging threats, and calculating risk, will be critical to success.
- Perform daily incident response operations on a strict schedule defined by the manager,
- operate the security platforms, and monitor and analyze security alerts/messages in the SIEM,
- identify compromised computers using logs, live response, and related host-centric evidence sources,
- lead small to medium-sized projects as directed by management,
- continuously improve and create cyber security monitoring (detections/alerts),
- demonstrate proficiency in event analysis and tool utilization (identification, response, escalation),
- exhibit the skills, expertise, and creativity required to succeed in technical duties (containment and remediation),
- exercise attention to detail and due care regarding work-related communication and documentation,
- exhibit a willingness to learn, a desire to collaborate with others, and the drive to take on additional responsibilities when called upon,
- pursue job-related growth and knowledge via higher education, certification, and training,
- maintain awareness of changing processes, procedures, and standards critical to job performance,
- ability to multitask.
- Must be willing to work in shifts across global time zones,
- strong IT experience or a degree in Computer Science or a related technical field,
- works well with other people; a good team player,
- strong verbal and written communication and good listening skills,
- a sense of diplomacy, and the decision-making skills to handle the often fast-paced role of an incident handler/investigator,
- previous experience working in shifts,
- understanding of common network services (web, mail, DNS, authentication),
- understanding of common APT, cyber crime, and other associated tactics,
- previous hands-on experience in the field of IT security (threat prevention, SIEM, endpoint protection) is a plus,
- previous hands-on scripting or programming experience is a plus,
- CISSP, CISM, or a related SANS certification is a plus,
- experience with host-centric detection and response is a plus.