Partner with lines of business as a cyber threat analyst to understand application and infrastructure functionality in support of Minimum Security Baseline logging and monitoring project efforts. Lead analysis sessions to identify gaps in log data, and work with the analytics team on log ingestion and event identification. Support the analytics team and the Cyber Threat Operations Center through the alert test-and-tune phase and playbook creation. Collaborate with business owners and Cyber Threat Management to design, enhance, and implement threat response opportunities that reduce the organization's risk profile.
Essential Duties and Responsibilities:
Following is a summary of the essential functions for this job. Other duties may be performed, both major and minor, which are not mentioned below. Specific activities may change from time to time.
1. Listen and collaborate with business and technical application leads to understand, analyze, and document event and threat use cases for large-scale business applications and user processes.
2. Use structured analysis to research and identify new threat tactics, techniques and procedures used by cyber threat actors.
3. Develop, document and revise flow charts for current and future processes and system procedures.
4. Work with cross-functional teams to review and analyze applications including logging capabilities, potential vulnerabilities, and opportunities to securely improve workflow.
5. Stay current with emerging technologies, including their strengths and weaknesses and their application to business solutions.
Required Skills and Competencies:
The requirements listed below are representative of the knowledge, skill and/or ability required. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.
1. Bachelor’s degree in Information Technology-related field, or equivalent education and related training
2. Three to five years of experience and strong proficiency with the following Information Technologies:
• Information security best practices
• Relational database technologies
• Distributed, Web, and/or networking technologies (Mainframe optional)
• Design tools and techniques
• Application development methodologies
• Technology testing and change implementation best practices
3. Highly competent communication and documentation skills
4. Self-starter with entrepreneurial spirit
5. Excellent verbal and written communication skills
6. Ability to work independently or as a member of a team
7. Ability to direct other team members and train others
8. Demonstrated proficiency in basic computer applications, such as Microsoft Office software products
9. Splunk experience highly desired
10. Ability to travel occasionally