Overview
Remote
On Site
USD 117,000.00 - 190,000.00 per year
Full Time
Skills
Reporting
Process Improvement
Management
Cadence
Technical Analysis
Content Creation
Commodities
Content Development
SIEM
Network
Endpoint Protection
Collaboration
Data Analysis
Use Cases
Information Security
Regular Expression
Malware Analysis
Forensics
SANS
Cloud Computing
Cloud Security
Impact Analysis
Information Assurance
Information Architecture
Threat Analysis
Law
Job Details
Overview
This is a remote role that may be hired in several markets across the United States.
This position supports the Bank's Information Security and Cyber Threat management programs at the highest level of complexity and expertise. Leads the analysis and mitigation of threats identified within the Bank's networks and systems. Ensures that team reporting is timely, accurate, and escalated as necessary to provide actionable intelligence for cyber defense efforts. Develops process improvements and technical solutions that address the identified gaps or deficiencies. Drives the defense of the organization's information security and technological architecture through expert consultation and threat mitigation. Serves as a resource to team members and management on security threats, industry trends, and other relevant intelligence. Leads projects within the work group and resolves escalated, high-risk issues.
Responsibilities
Daily Cadence
Core Duties
Ancillary Duties
Qualifications
Bachelor's Degree and 8 years of experience in Information security OR High School Diploma or GED and 12 years of experience in Information security
Preferred Qualifications
Preferred Certifications
The base pay for this position is generally between $117,000 and $190,000. Actual starting base pay will be determined based on skills, experience, location, and other non-discriminatory factors permitted by law. For some roles, total compensation may also include variable incentives, bonuses, benefits, and/or other awards as outlined in the offer of employment.
This job posting is expected to remain active for 45 days from the initial posting date listed above. If it is necessary to extend this deadline, the posting will remain active as appropriate. Job postings may come down early due to business need or a high volume of applicants
Benefits are an integral part of total rewards and First Citizens Bank is committed to providing a competitive, thoughtfully designed and quality benefits program to meet the needs of our associates. More information can be found at
$descr2
$descr3
This is a remote role that may be hired in several markets across the United States.
This position supports the Bank's Information Security and Cyber Threat management programs at the highest level of complexity and expertise. Leads the analysis and mitigation of threats identified within the Bank's networks and systems. Ensures that team reporting is timely, accurate, and escalated as necessary to provide actionable intelligence for cyber defense efforts. Develops process improvements and technical solutions that address the identified gaps or deficiencies. Drives the defense of the organization's information security and technological architecture through expert consultation and threat mitigation. Serves as a resource to team members and management on security threats, industry trends, and other relevant intelligence. Leads projects within the work group and resolves escalated, high-risk issues.
Responsibilities
Daily Cadence
- Build and track the evolution of the Tactics, Techniques and Procedures which will drive mitigations/countermeasures and general threat posture.
- Support the technical analysis of SIEM alerts as requested by the triage team.
- Support the content creation pipeline for new threats identified as a result of an incident, threat intelligence or vulnerability.
- Identify any technology gaps and contribute to designing solutions to address them.
- Support the automation effort to streamline and accelerate triage response.
- Coordinate and lead incident triage efforts involving internal team members and external stakeholders.
- Communicate status of threat response efforts to multiple stakeholders.
Core Duties
- Threat Hunting Lead - Design the threat hunting pipeline and operationalize various trigger points (eg. Operational, Intelligence, Vulnerability) as drivers into countermeasure and mitigation creation.
- Threat Hunting - Support the operational driven inputs (eg. on the heels of an incident or event) into threat hunting and help build countermeasures/mitigations to address commodity and targeted threats. Also build a capability to track evolving threat actor techniques.
- Content Development - Support the creation of countermeasures and mitigations in response to an incident.
- Incident Analyst/handler -investigate SIEM/SOAR events as necessary; bring experience in malware analysis, network/endpoint security to respond to and contain incidents.
Ancillary Duties
- Industry/Peer group outreach : Collaborate with industry peers and team to proactively combat cyber threats. Activities will include data analysis, sharing actionable intelligence and support queries or collaborative efforts.
- Automation - Identify areas for automation and facilitate the creation of automation use cases and implement them.
Qualifications
Bachelor's Degree and 8 years of experience in Information security OR High School Diploma or GED and 12 years of experience in Information security
Preferred Qualifications
- Familiarity with MITRE ATT&CK and its application to countermeasure creation is a plus.
- The role requires someone who can translate threat actor techniques to building mitigations across a variety of security technologies. This could take the form of Yara, Sigma or Regular Expressions.
- This role would also require familiarity with static and dynamic malware analysis techniques including memory/disk forensics.
Preferred Certifications
- SANS Cloud certifications, GIAC Cloud Security Threat Detection (GCTD) IA FA or Cyber Threat Intelligence ( GCTI)
The base pay for this position is generally between $117,000 and $190,000. Actual starting base pay will be determined based on skills, experience, location, and other non-discriminatory factors permitted by law. For some roles, total compensation may also include variable incentives, bonuses, benefits, and/or other awards as outlined in the offer of employment.
This job posting is expected to remain active for 45 days from the initial posting date listed above. If it is necessary to extend this deadline, the posting will remain active as appropriate. Job postings may come down early due to business need or a high volume of applicants
Benefits are an integral part of total rewards and First Citizens Bank is committed to providing a competitive, thoughtfully designed and quality benefits program to meet the needs of our associates. More information can be found at
$descr2
$descr3
Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.