Overview
The Senior Cyber Security Analyst for Incident Response will work in an environment where challenging technical and security issues in a dynamic operational environment will test knowledge, skills and abilities as they relate to incident response, forensics and cyber threat hunting. The Senior Cyber Security Analyst for Incident Response will: use data collected from cyber defense tools to analyze events for the purposes of finding and mitigating threats; Investigate, analyze, and respond to cyber incidents; Evaluate security controls against the current threat landscape and organizational architecture and provide recommendations for enhancement ; Cultivate an active partnership with Enterprise Architecture, Technology Platform and Application Owners as they are accountable for the secure design, configuration, and operation of their environments.
Role summary and job responsibilities
- Accountable for all aspects of the cyber security analysis process for their work
- You will contribute to the development of and improvement in cyber security standard methodologies within your group
- Leads analysis and actively participates in providing feedback on team members work
- Ability to lead a team on cyber analysis or incident response
- Ability to break down complex or vague problems and steps through them in a rational way
- Flexible in his or her thinking; able to evolve a solution when additional information or ideas are presented
- Decisions and recommendations distinguish between near term mitigation and required future investments
- Identifies when junior resources need help and provides mentoring in a positive way that promotes confidence
- You will help team members/make suggestions to improve practices
- On-call rotation 1 week per month, with
- Other duties as assigned
- Working hours are 8:00 a.m. to 5:00 p.m. for the Singapore-based role.
- Associates may occasionally be required to work outside these hours based on business needs.
Business knowledge
- Can articulate cyber security risk and translate into practical solutions to technology teams
- Thorough knowledge of the cyber analysis program associated objectives
Requirements
- Typically, 4+ years of relevant experience
- Up to date with relevant cyber security threats and counter measures
- Shows a commitment to quality by implementing suitable solutions
- Leads work reviews and actively participates in providing feedback on others work
- Performs as an expert in one or more cyber security programs.
- Deep understanding of TCP/IP, OSI model and component and systems dependencies concepts.
- Deep understanding of incident response processes and procedures
- Utilizes Cyber Threat Intelligence and Cyber Security Awareness concepts to influence work
- In depth understanding of Windows operating systems and general knowledge of Unix, Linux, and Mac operating systems
- Knowledgeable with various security infrastructure tools such as firewalls, intrusion prevention/detection systems, proxy servers, email controls, anonymizing technology, and SIEM
- Knowledgeable in Cyber risk management frameworks knowledge, web application technologies, and network and systems forensics
- Ability to investigate and analyze malicious code
- Ability to work as part of a team, show initiative and take on new tasks as assigned
- Ability to perform risk analysis and communicate that risk to others
- General understanding of AWS, Azure and/or Google Cloud
PREFERRED (OR ESSENTIAL) QUALIFICATIONS
- Experience in a 24x7 global enterprise, preferably in the Financial industry
- SANS GIAC certifications (such as GREM, GCIH, GCFA)
- In-depth knowledge of malware analysis tools
- Scripting experience, preferably Python and/or Powershell
- Splunk knowledge
- General system administration
