About The Position

Responsible for ensuring information and data on computer systems is protected and all networks and computer systems are adequately secure to prevent unauthorized access. Lead execution of complex response to computer security incidents according to the Information Security Policies and Industry Best Practices. Lead efforts of and provide timely updates and recommendations to multiple business units during response. Contribute to a team of cybersecurity professionals while working with threat data, writing reports, briefing event details to leadership, and coordinating remediation with personnel. Lead analysis of potential impact of new threats and exploits and communicate risks to Cyber Security Engineering. Monitor information security related web sites, including SANS Internet Storm Center, and mailing lists such as BugTraq to stay up to date on current attacks and trends. Ensure technology employed by the Incident Response team complements operational processes. Investigate and analyze relevant response activities using Cybersecurity Incident Response plans to end malicious activity and restore business operations. Understand and apply concepts of computer forensics. Provide guidance to tier one and other first responders for proper handling of Information Security Incidents. Perform operations according to Cybersecurity Defense Operations plan to detect and mitigate potential or real-time internal and external threats. Participate in industry task forces and working groups where appropriate to understand current and future threats. Develop requirements for technical capabilities for cyber incident management. Recommend configuration changes to improve the performance, usability, and value of cyber analysis tools. Assess internal and external cybersecurity attacks using cybersecurity standards and tools including Security Orchestration Automation & Response (SOAR) to identify specific vulnerabilities.
Manage the information security data sources to maintain organizational situational awareness. Troubleshoot very complex, cross-business issues within existing security and privacy protections. Perform root cause analysis and make recommendations on changes. Coach and mentor less senior Cyber Security employees. Identify and manage risks, recommending improvements to Incident Response Processes and Procedures. Develop strong relationships to deliver business value using Business Relationship Management practices.

Requirements

  • Knowledge of information security policies and industry best practices.
  • Ability to lead complex response to computer security incidents.
  • Ability to provide timely updates and recommendations to multiple business units.
  • Experience working with threat data.
  • Skill in writing reports and briefing event details to leadership.
  • Ability to coordinate remediation with personnel.
  • Ability to analyze potential impact of new threats and exploits.
  • Ability to communicate risks to Cyber Security Engineering.
  • Ability to monitor information security related web sites (e.g., SANS Internet Storm Center) and mailing lists (e.g., BugTraq).
  • Understanding of how technology employed by the Incident Response team complements operational processes.
  • Ability to investigate and analyze response activities using Cybersecurity Incident Response plans.
  • Understanding and application of concepts of computer forensics.
  • Ability to provide guidance to tier one and other first responders for Information Security Incidents.
  • Ability to perform operations according to Cybersecurity Defense Operations plan.
  • Ability to participate in industry task forces and working groups.
  • Skill in developing requirements for technical capabilities for cyber incident management.
  • Ability to recommend configuration changes for cyber analysis tools.
  • Proficiency in assessing cybersecurity attacks using cybersecurity standards and tools including Security Orchestration Automation & Response (SOAR).
  • Ability to manage information security data sources.
  • Skill in troubleshooting complex, cross-business issues within security and privacy protections.
  • Ability to perform root cause analysis and make recommendations.
  • Ability to coach and mentor less senior Cyber Security employees.
  • Skill in identifying and managing risks.
  • Ability to recommend improvements to Incident Response Processes and Procedures.
  • Ability to develop strong relationships using Business Relationship Management practices.

Responsibilities

  • Ensure information and data on computer systems is protected and all networks and computer systems are adequately secure to prevent unauthorized access.
  • Lead execution of complex response to computer security incidents according to the Information Security Policies and Industry Best Practices.
  • Lead efforts of and provide timely updates and recommendations to multiple business units during response.
  • Contribute to a team of cybersecurity professionals while working with threat data, writing reports, briefing event details to leadership, and coordinating remediation with personnel.
  • Lead analysis of potential impact of new threats and exploits and communicate risks to Cyber Security Engineering.
  • Monitor information security related web sites, including SANS Internet Storm Center, and mailing lists such as BugTraq to stay up to date on current attacks and trends.
  • Ensure technology employed by the Incident Response team complements operational processes.
  • Investigate and analyze relevant response activities using Cybersecurity Incident Response plans to end malicious activity and restore business operations.
  • Understand and apply concepts of computer forensics.
  • Provide guidance to tier one and other first responders for proper handling of Information Security Incidents.
  • Perform operations according to Cybersecurity Defense Operations plan to detect and mitigate potential or real-time internal and external threats.
  • Participate in industry task forces and working groups where appropriate to understand current and future threats.
  • Develop requirements for technical capabilities for cyber incident management.
  • Recommend configuration changes to improve the performance, usability, and value of cyber analysis tools.
  • Assess internal and external cybersecurity attacks using cybersecurity standards and tools including Security Orchestration Automation & Response (SOAR) to identify specific vulnerabilities.
  • Manage the information security data sources to maintain organizational situational awareness.
  • Troubleshoot very complex, cross-business issues within existing security and privacy protections.
  • Perform root cause analysis and make recommendations on changes.
  • Coach and mentor less senior Cyber Security employees.
  • Identify and manage risks, recommending improvements to Incident Response Processes and Procedures.
  • Develop strong relationships to deliver business value using Business Relationship Management practices.