The Cybersecurity Analyst will lead day-to-day security operations: identifying threats and vulnerabilities, containing them, and recommending corrective actions for eradication. This role will test and ensure compliance of internal and commercial offerings with security policies and standards, as well as with applicable regulations and laws. You will also perform assessments of systems and networks within the network environment or enclave and identify where those systems/networks deviate from acceptable configurations, enclave policy, or local policy. The output will measure the effectiveness of defense-in-depth architecture against known vulnerabilities. As a member of the Cyber Security Incident Response Team (CSIRT), you will be the front-line responder, combating cybersecurity threats against our Information Technology Environments/Services. You will conduct incident response activities, including advanced investigation, response, and remediation. Each member of the team will play a role in Incident Response, Forensics, Threat Hunting, and Cyber Threat Intelligence.
Responsibilities include, but are not limited to, the following:
- Lead incident response: pull in other teams to follow up on a plan, troubleshoot, and document properly.
- Conduct monitoring and detection analysis using cybersecurity defense tools.
- Strong communication and writing skills are required, along with proficiency in business terms.
- Communicate with managers, stakeholders, etc.
- Serve on the incident response rotation, every 5 weeks or so.
- Correlate activity across assets (endpoint, network, apps) and environments (on-premises, cloud) to identify patterns of anomalous activity.
- Build and manage relationships with 3rd party SOC providers.
- Review and assess alerts to contain any intrusions or threats.
- Provide reports on events that occur within the environment.
- Communicate at every level of the organization in a way that is effective for that level.
- Test systems to understand compliance with cybersecurity policies and drive remediation, as required.
- Stay abreast of emerging threats and vulnerabilities to assist in identification of incidents.
- Preserve all records indicating changes made to access control lists to facilitate audits and other investigations.
- Maintain detailed program metrics around initiative goals.
- Participate in an on-call rotation.
- Uphold company mission and values through accountability, innovation, integrity, quality, and teamwork.
- Support and comply with the company’s Quality Management System policies and procedures.
- Maintain regular and reliable attendance.
- Ability to act with an inclusion mindset and model these behaviors for the organization.