In this role you will be an individual contributor in the Cyber Defense (CD) Security Operations Center (SOC), responsible for performing security monitoring, intrusion analysis, incident handling, data loss prevention, privileged user monitoring, security incident management, malware detection/eradication, and recognizing hacker/incident response tactics, techniques, and procedures.
You will have responsibility for one or more of the security systems aligned with their specific function, either directly or indirectly; and will be a technical authority for critical operational decisions having significant impact to the organization with authority extending beyond the team to include both technology and business line areas in security-related decisions.
This role requires the incumbent to know the latest security technology, the threat landscape, and emerging threats. The incumbent will act as a domain specialist in their specific disciplines and will provide management with needed recommendations.
The individual will be:
Performing ongoing monitoring and threat analysis, analyzing logs, netflow data, and packet capture
Identifying potential IT security incidents and calling out information to appropriate IR senior staff
Assessing threat and vulnerability information from all sources (both internal and external) and promptly applying applicable mitigation techniques
Developing meaningful metrics to reflect the true posture of the environment allowing the organization to make educated decisions based on risk
Using information from cyber security tools and processes, assessing potential security and business impacts while presenting recommendations to management
Representing Cyber Defense as needed on security-related or risk-related initiatives or working groups where technical skills and security expertise are required.
Proactively protecting, monitoring, investigating and resolving threats to secure user environment and company assets
Providing direction and guidance to more junior staff on a team of security and technical professionals
Experience and Skills:
3 or more years of security industry experience preferably in a SOC environment
Experience with the following highly desirable:
Security Information and Event Management Tools (QRadar, Archsight, etc.)
Intrusion Prevention Tools
Database Security Tools (Guardium)
Data Loss Prevention Tools (Symantec, Websense, etc.)
Firewalls (Cisco, Palo Alto, Check Point etc.)
Application Security Tools
Cyber Security Incident Response
Network Intrusion Detection Systems (SourceFire, McAfee, etc.)
Host Intrusion Detection Systems
Security Analytics (Solera, NetWitness etc.)
Demonstrated spoken and written communication skills with the ability to communicate technical concepts to non-technical audiences
Experience adapting and demonstrating flexibility while working in a dynamic environment
Education and Certifications:
Hours & Work Schedule
Hours per Week: 40
Work Schedule: Monday through Friday 8:30AM - 5:00PM
Why Work for UsAt Citizens, you'll find a customer-centric culture built around helping our customers and giving back to our local communities. When you join our team, you are part of a supportive and collaborative workforce, with access to training and tools to accelerate your potential and maximize your career growth.Equal Employment OpportunityIt is the policy of Citizens to provide equal employment and advancement opportunities to all colleagues and applicants for employment without regard to race, color, ethnicity, religion, gender, pregnancy/childbirth, colleague or a dependent's reproductive health decision making, age, national origin, sexual orientation, gender identity or expression, disability or perceived disability, genetic information, genetic characteristic, citizenship, veteran or military status, marital or domestic partner status, family status/parenthood, victim of domestic violence, or any other category protected by federal, state and/or local laws.Equal Employment and Opportunity Employer/Disabled/VeteranCitizens is a brand name of Citizens Bank, N.A. and each of its respective affiliates.