Cyber Security Analyst II

CUC Corporate Brand•Dover, DE

2d•Hybrid

About The Position

This position will be responsible for protecting the corporation’s critical information and assets by integrating cybersecurity risk management best practices throughout the enterprise. This position will be responsible for detection and analysis of opportunistic and persistent threats, deploying counter measures and conducting risk and vulnerability assessments across the enterprise (including cloud). As a specialist on the Cyber security team, you will participate in detection and response of cyber incidents, assist in recovery of operations and assist in formulating, updating, and communicating short- and long-term organizational cybersecurity strategies and policies. In addition, you will provide technical support to others on adjacent technical teams and the greater organization. The ideal candidate will have a thorough understanding of incident response protocol and have an understanding of nation state threat actors and their TTPs.

Requirements

Bachelor’s Degree in computer engineering, computer science, or other closely related IT discipline OR 5 years of relevant work experience.
Must hold one of the following certifications: Security+, CEH, GCIH, GREM or CISSP
3 years specialized experience providing technical and end-user assistance on computer hardware and application software support.
2 years of progressively responsible experience in cyber security analysis, incident response, or related experience.
Working knowledge of MITRE ATT&CK and Lockheed Martin’s Cyber Killchain
Working knowledge of memory analysis tools and DFIR best practices
Experience administering enterprise vulnerability management and security awareness solutions
Experience designing and implementing controls to protect OT environments.
Experience administering multi-factor authentication systems
Experience managing enterprise security appliances and/or security monitoring software (IPSs, firewalls etc.)
Experience with enterprise change management and test procedures.
Demonstrated experience dealing with customers and organizational skills are required.
Demonstrated strength in providing strong customer service support.
Strong analytical and problem solving skills.
Good interpersonal, organizational, written and verbal communication skills.
Experience working in a highly regulated environment.
Maintain composure and professional approach when dealing with employees and vendors.
Ability to interpret a variety of instructions furnished in written, oral, diagram or schedule form.
Ability to make decisions logically.
Capable of focusing on details with regards to procedures and workflow.
Ability to lift up to 40 pounds.

Responsibilities

Monitor and analyze security intel generated by company security controls.
Lead triage, containment and eradication.
Participate in threat hunting activities and “deep dive” analysis to maintain a high degree of awareness on the current threat landscape.
Participate in simulated “adversary emulation” exercises and have working knowledge of Red Team tools such as Atomic Red Team and Caldera.
Provide effective incident response, by correlating intelligence from IPS systems, endpoints and third parties.
Administer security awareness training and enterprise vulnerability management solutions, as required.
Administer and maintain leading enterprise commercial endpoint and network based security solutions
Develop and produce reports on all activities and incidents to help maintain day to day status, Develop and report on trends, and provide focus and situational awareness on all issues.
Maintain documentation for all systems and create user guides and standard operating procedures.
Adhere to enterprise change management procedures and corporate security policies, including SLAs for responding to cyber related incidents.
Responsible for tuning and filtering of events and information, creating custom views and content using all available tools following an approved methodology and with approval and concurrence from management.
Maintain system baselines and configuration management items, including security event monitoring “policies” in a manner determined and agreed to by management.
Ensure changes are made using an approval process agreed to in advance.
Produce reports identifying significant or suspicious security events to appropriate parties. Include latest security threat information and tie back to specific intrusion sets of nation state actors when possible.
Maintain knowledge of the current threat landscape via OSINT.
Maintain proficiency and skills through relevant training, conventions, conferences, and on-the-job training.
Interface to third party vendors as necessary for external audits.
Manage investigations involving Cyber Security, including the use of specialized software.
Create system performance metrics and trending for capacity planning
Meet availability and update requirements
Ability to travel 10%

Benefits

Flexible work arrangement
Competitive base salary
Fantastic opportunities for career growth
Cooperative, supportive and empowered team atmosphere
Annual bonus and salary increase opportunities
Monthly recognition events
Endless wellness initiatives and community events
Robust and customizable benefit packages-choose what works best with your life.
Options include generous 401k, medical, dental and life insurance, tuition reimbursement, compensated volunteer hours and MORE!
Paid time off, holidays and a separate bank of sick time!