The Global Information Security Analyst is a highly-technical role and an in-house subject matter expert who diligently assists with the improvement of information security across the organization by understanding the threats it faces. Their primary responsibilities are (but not limited to): intrusion analysis, incident handling, digital forensics, developing thorough incident reports, and technical security research.
The analyst will be responsible for leveraging security related data from internal sensors (e.g. SIEM, firewalls, IDS, routers, proxies, hosts etc.) and external sources (vendors, industry working groups, law enforcement etc.) to implement effective mitigations, and reviewing appropriate data sources for indications of adversarial activity. This role reports into Global Information Security team and maintains strong relations with all Line of Business technology groups. This person will work closely with a number of key individuals and teams to investigate and forensically examine potentially compromised systems as well as identifying, alerting, and responding to mitigate information security incidents.
Responsibilities include, but are not limited to:
Assists with incident management response and analysis services on behalf of the Information Security function as a primary member of the computer security incident response team (CSIRT), including Tier 1 through 3 analysis for the full scope and lifecycle of incident response (i.e. identification through closure including post-mortem and lessons learned) following industry established best practices in addition to being in accordance with Company-specific policies and standards
Respond to emerging threats such as APT and other forms of targeted attacks, organized crime, etc
Perform detailed forensic analysis of assets, including logs, malware samples, hard drive images, etc.
Reconstruct events of a compromise by creating a timeline via correlation of forensic data
Malware analysis and other attack analysis to extract indicators of compromise.
Reviewing audit trails for unauthorized access attempts or other information security violations
Conduct root cause analysis to identify gaps and recommendations ultimately remediating risks
Analyze previously unknown malware utilizing static and dynamic methods to determine its behavior and impact on endpoints as well as build a list of indicators of compromise
Expectation of off-hours support, responsiveness and availability in response to critical security related incidents, material developments which could create risk to the Company, known threats etc.
Communicate effectively with representatives of the Lines of Business, technology specialists, and vendors.
Some international travel required
Demonstrated and continued involvement within cyber security-specific communities at any scale (e.g., groups, organizations, conferences) or equivalent activity that seeks to maintain small and large scale awareness of major security topics and events
Demonstrated exceptional passion and drive for cyber security as evidenced by self-driven past accomplishments that had significant positive impact to shareholders or security community
Strong host and network based forensics skills.
Effective technical skills to understand the ramifications of various system security recommendations and decisions
Experience conducting detailed log analysis and correlation
Hands on Malware analysis experience dynamic and static
Good understanding of SIEMs and similar technologies
Knowledge of industry good practice for foundational security elements including network device and system-level hardening.
Ability to assess security incidents quickly and effectively and communicate a course of action to respond to the security incident while mitigating risk and limiting the operational and reputational impact
Excellent oral/written communication, problem solving and analytical skills
Ability to work independently and as part of a team to achieve desired objectives and project results
Ability to interface effectively and decisively with all levels of management, departments and outside vendors.
Ability to identify both tactical and strategic solutions.
Recruiter: Andy Ballantyne
Phone: (800) 732-4680 x709