The Cyber Security Intrusion Analyst will function as a member of an enterprise network and application layer intrusion detection, prevention, and response team. In this role, you will develop and implement custom alerts, dashboards and monitoring controls based on OSI layer 7 attack and threat indicators. You will provide leadership in assessing new threat vectors and the effectiveness of controls, and leverage advanced investigative skills. You will partner with senior leaders from lines of business organizations to triage security events and report on impacting security initiatives. You may also be responsible for mentoring and developing the skill sets of less experienced team members and the development and implementation of processes or controls in support of audit and risk requirements.
You will be a key individual contributor responsible for initial analysis, monitoring and escalation of security events detected from controls, in addition to researching, implementing, and supporting new controls. The successful candidate may take rotational on-call duties, as required.
This position will have interaction with and visibility to members of the Global Information Security leadership team as well as key business unit stakeholders. Additionally, you will have the opportunity to work with a deeply committed team of recognized information security experts on high visibility security initiatives for the Bank.
Required
- Relationship management experience
- 1-3 years' experience operating Web Application Firewall technologies - F5 ASM preferred
- Resource must be able to identify and interpret all forms of HTTP requests
- Strong Splunk skill set. The security analyst will leverage Splunk to analyze logs and other security events to find targeted attacks against bank applications.
- Familiarity with web application attacks including SQL injection, cross-site scripting, and remote file inclusion.
- Working knowledge of OSI model layers 3 through 7
- Strong knowledge of common network protocols
- Ability to work independently on initiatives with little oversight. Motivated and willing to learn.
Desired Skills
- 1-3 years' experience operating within an information security environment
- Strong grasp of modern web site deployments and technology.
- Strong technical background and ability to learn new technologies quickly
- Comfortable with scripting languages and regular expressions
- Working knowledge of Linux, Windows, and OS X operating systems.
- Strong analytical skills / problem solving / conceptual thinking
- Working knowledge of enterprise Client / Server architecture
Enterprise Role Overview:
Operates tools and processes that provide cybersecurity defense. Uses technical expertise to provide systems disruption protection (DDoS), systems intrusion protection (IDS/IPS, WAF, Log Monitoring), and network boundary protection (NAC, Firewalls); detects and prevents malware threats for applications and infrastructure; and protects against data leakage. Utilizes experience and deep knowledge of IT platforms, tools, and concepts to ensure cybersecurity protection is integrated into all layers of defense. Provides regular status updates to management team. Typically has 3-5 years of relevant experience in one or more threat prevention disciplines.
Shift:
1st shift (United States of America)
Hours Per Week:
40