Sr. Cyber Security Analyst – Incident Response

Role Summary

We’re looking for a passionate and highly motivated professional to serve as a senior member of our Incident Response program. The Senior Cyber Security Analyst will use his or her experience and expert knowledge to defend our networks, systems, and data from attack. Understanding current tactics, techniques, and procedures used by adversaries you will apply that knowledge to the investigation of cyber-attacks, ensuring appropriate steps are taken to mitigate and remediate the threats. You will serve as an escalated contact working closely with others within our broader cyber and technology organizations to support our mission.



Responsibilities

Accountable for all aspects of the cyber security analysis process for their work, ensuring all steps required to investigate, mitigate, and remediate potential incidents are followedYou will contribute to the development of and improvement in cyber security standard methodologies within your group, working with leadership as necessaryAbility to think critically, breaking down complex or vague problems and stepping through them in a rational wayFlexible in his or her thinking; able to evolve a solution when additional information or ideas are presentedDecisions and recommendations distinguish between near term mitigation and required future investmentsIdentifies when junior resources need help and provides mentoring in a positive way that promotes confidence

Business Knowledge:

Can articulate cyber security risk and translate into practical solutions to technology teamsThorough knowledge of the cyber analysis program associated objectivesUnderstanding and awareness of any potential impact actions may have on the broader business of the firm

Qualifications

Required:

Typically, 4+ years of relevant experienceUp to date with relevant cyber security threats and counter measuresDeep understanding of incident response processes and proceduresShows a commitment to quality by implementing suitable solutionsDeep understanding of TCP/IP, OSI model, and component and systems dependencies conceptsFamiliarity with network forensics including PCAP analysis, network security, and IDS/IPS analysisUtilizes Cyber Threat Intelligence and Cyber Security Awareness concepts to influence workIn-depth understanding of Windows operating systems and general knowledge of Unix, Linux, and Mac operating systemsKnowledgeable with various security infrastructure tools such as firewalls, intrusion prevention/detection systems, proxy servers, email controls, anonymizing technology, and SIEMKnowledgeable in Cyber risk management frameworks, web application technologies, and network and systems forensicsAbility to investigate and analyze malicious code (basic static/dynamic analysis)Ability to work as part of a team, show initiative and take on new tasks as assignedAbility to perform risk analysis and communicate that risk to othersGeneral understanding of AWS, Azure, and/or Google Cloud

Preferred:

Experience in a 24x7 global enterprise, preferably in the financial industrySANS GIAC (GSEC, GCIA, GCIH, GCFA, etc.), CISSP, CEH, Security+, or similar information security certificationsScripting experience, preferably Python and/or PowerShellSplunk knowledgeGeneral system administration experience

FINRA Requirements

FINRA licenses are not required and will not be supported for this role.



Work Flexibility

This role is eligible for full time remote work.