| Location | Providence, RI, USA |
| --- | --- |
| Preferred GIAC Certifications | GREM, GCIH, GCIA, GNFA, GCED |
This Tier 3 Analyst will be a resident technical expert within the bank's Security Operations Center (SOC).
This is a senior-level individual contributor role on the Cyber Defense – Monitoring, Response and Analysis Team (MRAT), working closely with the Threat Intelligence, Content Engineering and Infrastructure Vulnerability Management teams. The role will help mature the existing hunting, malware analysis and advanced threat detection programs.
Primary responsibilities include:
* Conducting multi-step investigative analysis to trace activities associated with advanced threats
* Serving as an escalation resource and mentor for other analysts
* Utilizing current and future tools to perform hunting for complex insider and outsider threats
* Analyzing vulnerability assessment and penetration testing results to help identify stealthy threats
* Supporting proactive deep malware analysis, and recommending defensive actions to effectively defend against malware related attacks
* Making recommendations on how to optimize security monitoring tools based on threat hunting discoveries
* Defining tool requirements to improve SOC capabilities
* Facilitating the evaluation, selection and implementation of supporting SOC systems and tools
* Exercising analytical skills and knowledge of supervision regulations
* Providing leadership and technical guidance in project planning, task definition, estimating, reporting, scheduling, documentation, and workflow
* Participating in 24/7 on call rotation as a point of escalation for incidents outside of normal business hours (nights, weekends, and holidays).
* 7 or more years of progressive security industry experience
* Demonstrated understanding of various operating systems (Windows, Unix, Linux, etc.) with an emphasis on Security Operations
* Experience with programming/scripting (Python, PowerShell, Ruby, PHP, Perl, C, Java, etc.)
* Experience with malware reverse engineering and tools such as IDA Pro, OllyDbg, PEiD, etc.
* Hands on experience with Security Information and Event Management technologies (QRadar, ArcSight, Splunk etc.)
* Leadership qualities to serve as an escalation resource and mentor for other analysts
* Self-motivation with the ability to work under minimal supervision
* Experience with computer security incident handling, coordination and response
* Knowledge and experience required in the areas of security assessment and vulnerability scanning, risk based threat analysis, and security mitigation techniques
* Excellent oral and written communications skills
* Strong analytical skills
Education, Certifications and/or Other Professional Credentials:
* Bachelor's Degree (Security / IT related) or an equivalent combination of experience
* A combination of relevant industry certifications including, but not limited to, CISSP, GREM, GCIH, GCIA, CEH, GCED, CISA, etc.