Protect SVB by providing predictable and timely response to Cybersecurity threats, incidents, and/or requests for investigation utilizing industry-leading tools and practices. Assist in the development of playbooks and automation for repeatable tasks to speed the investigation of and provide accurate and consistent response to security events. Provide forensic analysis of the digital component of investigations and regulatory requests from SVB business units.
The Cybersecurity Analyst will leverage their knowledge of enterprise systems, cybersecurity attack methods and forensic techniques to respond to escalated incidents. The Cybersecurity Analyst II will use a comprehensive set of cybersecurity, incident response and forensic tools to complete investigations of cyber-attacks and assist in the development of Cyber Threat Intelligence capabilities, including the collection, documentation and curation of threat indicators. The Cybersecurity Analyst II will also be required to be the escalation point for more junior members and to participate in the global on-call rotation.
Knowledge of common incident response methods, processes and phases.
Knowledge and experience of enterprise and host forensic tools to respond to computer-based incidents.
Experience analyzing and developing Cybersecurity Threat Intelligence (CTI) and/or Indicators of Compromise (IoCs) for internal use.
Understanding of how systems get infected and common malware behavior.
Experience investigating account take over and other attacks against web-based services.
Knowledge of static and behavioral malware analysis techniques and processes.
Solid knowledge of Windows, Linux and OSX operating systems.
Experience in analysis of web, database, application and other wide-ranging log sources.
Familiar with various security architectures and methodologies (Defense in Depth, Kill-Chain, NIST, Critical Controls, OWASP, etc.)
Ability to clearly document investigative findings for audiences at varying levels.
Proven ability to coordinate work efficiently and effectively with team members and business partners in local and remote locations.
Maintain knowledge of the latest threats targeting the financial sector.
Bachelor of Science Degree with major in Computer Science, Cyber Security or related field.
2 or more years of experience in Security Operations Center (SOC), incident response and/or computer forensics. Some technical, IT, and/or digital investigative experience will be considered in meeting this requirement.
Scripting experience using Python and/or PowerShell.
Windows, Mac and Linux forensics.
Knowledge of legal and regulatory requirements for financial services.
Knowledge of a wide variety of enterprise-wide IT systems such as operating systems, directory services, cloud services, mobile device management, virtualization, network devices, web servers, databases and firewalls.
Knowledge of how threat actors target, exploit and behave within a compromised network.
Experience with endpoint management, server administration, vulnerability management, and SIEM solutions.
Certified Information Systems Security Professional (CISSP) or Associate of (ISC)²
Systems Security Certified Practitioner (SSCP)
AWS Certified Security - Specialty
GIAC Security Essentials (GSEC)
GIAC Intrusion Detection (GCIA)
GIAC Certified Incident Handler (GCIH)
GIAC Certified Enterprise Defender (GCED)
GIAC Continuous Monitoring Certification (GMON)
GIAC Certified Forensic Examiner (GCFE)
GIAC Certified Forensic Analyst (GCFA)
GIAC Advanced Network Forensics (GNFA)
CompTIA Advanced Security Practitioner (CASP)
Certified Ethical Hacker or Computer Security Incident Handler (CSIH)
Project Management Professional Certification (PMP)