Cyber Security Operations Analyst II

Svbank (Salt Lake City, WB, India) 3 days ago

Protect SVB by providing predictable and timely response to cybersecurity threats, incidents and requests for investigation, using industry-leading tools and practices. Assist in the development of playbooks and automation for repeatable tasks, to speed the investigation of security events and to provide accurate and consistent responses to them. Provide forensic analysis of the digital component of investigations and of regulatory requests from SVB business units.



The Cybersecurity Analyst II will leverage knowledge of enterprise systems, cybersecurity attack methods and forensic techniques to respond to escalated incidents. The Analyst II will use a comprehensive set of cybersecurity, incident response and forensic tools to complete investigations of cyber-attacks, and will assist in the development of Cyber Threat Intelligence capabilities, including the collection, documentation and curation of threat indicators. The Analyst II will also be required to act as the escalation point for more junior team members and to participate in the global on-call rotation.

Knowledge:




  • Knowledge of common incident response methods, processes and phases.

  • Knowledge of, and experience with, enterprise and host forensic tools used to respond to computer-based incidents.

  • Experience analyzing and developing Cyber Threat Intelligence (CTI) and/or Indicators of Compromise (IoCs) for internal use.

  • Understanding of how systems get infected and of common malware behavior.

  • Experience investigating account takeover and other attacks against web-based services.

  • Knowledge of static and behavioral malware analysis techniques and processes.

  • Solid knowledge of the Windows, Linux and macOS (OS X) operating systems.

  • Experience in the analysis of web, database, application and other wide-ranging log sources.

  • Familiarity with various security architectures and methodologies (Defense in Depth, Kill Chain, NIST, Critical Controls, OWASP, etc.).

  • Ability to clearly document investigative findings for audiences with varying levels of technical background.

  • Proven ability to coordinate work efficiently and effectively with team members and business partners in local and remote locations.

  • Maintains knowledge of the latest threats targeting the financial sector.


Required Education/Experience:




  • Bachelor of Science Degree with major in Computer Science, Cyber Security or related field.

  • 2 or more years of experience in Security Operations Center (SOC), incident response and/or computer forensics. Some technical, IT, and/or digital investigative experience will be considered in meeting this requirement.


Preferred Education/Experience:




  • Scripting experience using Python and/or PowerShell.

  • Windows, Mac and Linux forensics.

  • Knowledge of legal and regulatory requirements for financial services.

  • Knowledge of a wide variety of enterprise-wide IT systems, such as operating systems, directory services, cloud services, mobile device management, virtualization, network devices, web servers, databases and firewalls.

  • Knowledge of how threat actors target, exploit and behave within a compromised network.

  • Experience with endpoint management, server administration, vulnerability management, and SIEM solutions.


Certifications:




  • Certified Information Systems Security Professional (CISSP) or Associate of (ISC)²

  • Systems Security Certified Practitioner (SSCP)

  • AWS Certified Security - Specialty

  • GIAC Security Essentials (GSEC)

  • GIAC Intrusion Detection (GCIA)

  • GIAC Certified Incident Handler (GCIH)

  • GIAC Certified Enterprise Defender (GCED)

  • GIAC Continuous Monitoring Certification (GMON)

  • GIAC Certified Forensic Examiner (GCFE)

  • GIAC Certified Forensic Analyst (GCFA)

  • GIAC Advanced Network Forensics (GNFA)

  • CompTIA Advanced Security Practitioner (CASP)

  • Certified Ethical Hacker (CEH) or Computer Security Incident Handler (CSIH)

  • Project Management Professional Certification (PMP)

  • EnCase Certified Examiner (EnCE)

  • Access Data Certified Examiner (ACE)




Primary Location: Salt Lake City

Other Locations: Tempe

Job: IT/Engineering/Project Mgmt

Job Type: Full-time

Travel: Yes, 5 % of the Time

Job Posting: Mar 24, 2021, 11:32:46 AM
