Senior Cyber Fusion Center Triage Analyst - Incident Detection

Blackberry Limited Dallas , TX 75201

Posted 7 months ago

Worker Sub-Type:


Job Description:


Cylance is looking for a talented Senior Cyber Triage Analyst to join our team and support our client in Plano, TX. This position conducts threat identification, analysis, and remediation by utilizing cyber defense tools and security best practices. This position requires working closely with other security teams and stakeholders to remediate threats and protect the environment.


  • Monitor the network, systems, and applications for any suspicious behaviors, activities, and anomalies.

  • Investigate escalated security events according to existing policies.

  • Perform traffic analysis, threat hunting activities and malware analysis.

  • Create new correlation rules and fine-tune existing rules to improve deletion efforts and reduce false positives.

  • Mentor and train Junior analysts.

  • Collaborate with other team members to establish new processes and procedures.

  • Assist with side projects and other tasks as needed.


  • BA/BS in Engineering, Computer Science, Information Security, or Information Systems or related work experience preferred.

  • 3+ years of experience investigating and responding to intrusions in an enterprise or security operations environment.

  • Proven experience in log analysis, incident handling, threat hunting, and malware analysis.

  • Solid understanding of TCP/IP communications & knowledge of how common protocols and applications work at the network level, including DNS, HTTP, and SMB

  • Advanced experience with SIEM and log aggregation technologies.

  • Demonstrated close attention to details, excellent critical thinking, logic, and solution orientation and to learn and adapt quickly

  • Ability to work in a 24/7 monitoring environment with dynamic hours and rotating shifts.

  • Must be onsite in Plano, TX.

  • Security certifications such as GCIA, GCIH, or CISSP are preferred but not required.

  • Must be onsite in Plano, TX Monday Friday, relocation available


  • Experience with Splunk and other SIEM platforms, Enterprise Intrusion Prevention Systems, Endpoint Detection tools, and other security products

  • Experience supporting incident investigations in a large and complex environment

  • Experience working in a 24/7 SOC environment


  • Current resume

  • Github link or previous project portfolio (optional)

Job Family Group Name:


Scheduled Weekly Hours:

icon no score

See how you match
to the job

Find your dream job anywhere
with the LiveCareer app.
Mobile App Icon
Download the
LiveCareer app and find
your dream job anywhere
App Store Icon Google Play Icon

Boost your job search productivity with our
free Chrome Extension!

lc_apply_tool GET EXTENSION

Similar Jobs

Want to see jobs matched to your resume? Upload One Now! Remove
Cyber Managed Services Application Security Engineer Senior Analyst

Ernst & Young LLP

Posted 4 days ago

VIEW JOBS 10/17/2019 12:00:00 AM 2020-01-15T00:00 Clients worldwide look to our Cybersecurity Managed Services team to provide 24x7 support for a company's environment. Our consultants and analysts work in conjunction with our client teams to identify and resolve potential issues long before they even happen. As senior analysts on our threat intelligence team, you'll be right at the heart of that mission, using your experience to manage tools and technologies in an ever-changing environment. Working closely with consultants across the business you'll help define the future of threat detection for our clients. The Opportunity In EY's Cyber Center based in Dallas, Texas, there is no such thing as a typical day – every day brings forth new objectives and challenges to solve. We are seeking experienced analysts keen to support our client challenges and provide exceptional client service As an Application Security Engineer, you will play a critical role in providing the quality support services to organizations managing their environment. We look for individuals who have a passion for identifying and fixing vulnerabilities in software and applications. You can expect to work across multiple industries, support complex environments, and develop key client relationships. Your Key Responsibilities * Support center services with dynamic application security testing including troubleshooting, task scheduling, and continuous process improvement * Interface with our clients and work with offshore teams to execute dynamic testing and triaging * Assist and lead continuous process and quality improvement initiatives * Develop metrics (e.g., tracking, dashboards, aggregation of data) associated with monthly and quarterly reporting * Develop and deliver meaningful hands-on training for our clients and internal teams. Skills and Attributes for Success * Supporting a wide range of threat exposures services, including web, application, software security, vulnerability management and testing * Staying informed on the latest industry and trends, risks and opportunities, especially regarding vendors and competitors * Communicating issues and escalating where necessary to promote collaboration, innovation and timely service * Build trusted relationships with client stakeholders. * Collaboration with global team members To qualify for the role you must have * A bachelor's degree in Information Systems, Computer Science, Cybersecurity, or related field * Three to five years of work experience in dynamic application security testing to configure/analyze/troubleshoot scans * Direct experience in Tier 2/3 application security including scripting and automation associated with DAST tools * Troubleshooting experience such as looking at stack trace and logs * Understanding of web application and web services architecture * Knowledge and understanding of security vulnerability including OWASP 10 * Work with scanning tools such as WebInspect, Fortify Software Security Center, Qualys, Acunetix, and Burp * Skills to combine sound technical and security principles with a problem solving approach * Foresight to prioritize effectively when working on multiple projects, often with strict deadlines Ideally, you'll also have * Experience preparing SQL statements with MySQL, SQL server, Access * Experience with build environments/tools (e.g., VSTS, Jenkins, Maven, GIT) * Experience with postman and swagger for REST API and RESTful web services testing using DAST tools * Experience with ticketing and workflow tools like ServiceNow, Archer, Jira * Knowledge of automation frameworks – preferably Selenium * SANS associated certs and training * Other security/IT community certifications a plus – preferably CISSP What we look for We're most interested in your attention to detail, and ability to deliver high quality work every time. A drive to provide high quality client service support is key to success at EY. What working at EY offers We offer a competitive compensation package where you'll be rewarded based on your performance and recognized for the value you bring to our business. In addition, our Total Rewards package includes medical and dental coverage, both pension and 401(k) plans, a minimum of 22 days of vacation plus ten observed holidays and three paid personal days, and a range of programs and benefits designed to support your physical, financial and social well-being. Plus, we offer: * Support, coaching and feedback from some of the most engaging colleagues around * Opportunities to develop new skills and progress your career * The freedom and flexibility to handle your role in a way that's right for you About EY As a global leader in assurance, tax, transaction and advisory services, we're using the finance products, expertise and systems we've developed to build a better working world. That starts with a culture that believes in giving you the training, opportunities and creative freedom to make things better. Whenever you join, however long you stay, the exceptional EY experience lasts a lifetime. And with a commitment to hiring and developing the most passionate people, we'll make our ambition to be the best employer by 2020 a reality. If you can confidently demonstrate that you meet the criteria above, please contact us as soon as possible. Build your legacy with us. Apply now. EY provides equal employment opportunities to applicants and employees without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, protected veteran status, or disability status. Ernst & Young LLP Dallas TX

Senior Cyber Fusion Center Triage Analyst - Incident Detection

Blackberry Limited