Cyber Security Analyst

Description:
The Analyst, Cyber Security performs daily incident detection and response operations and is responsible for monitoring, investigating, researching and analyzing intrusion detection and prevention tools and systems. Responsibilities include the following:

  • Monitor security event and incident management systems (ArcSight and Splunk) for anomalous or malicious activity.
  • Audit and review system and security logs. Utilize tools to analyze attack patterns, inappropriate or noncompliant activity, or access misuse. Report all violations to the appropriate personnel for review and corrective action.
  • Analyze and escalate incidents, as appropriate. Take action to handle high severity issues including escalation to other business areas as necessary, providing technical guidance as needed.
  • Clearly and accurately document observations. The Cyber Security Analyst will be responsible for creating and maintaining reports on performance indicators, and weekly and monthly metrics, in order to maintain historical records, identify trends, etc.
  • Collaborate with peers to implement changes to analysis tools as required, including inclusion of log sources/types and refinement of alerts/signatures.
  • Work with HR and SIU, as necessary, to provide additional details for escalated events.
  • Partner with the IT department to plan, implement and support new and existing security technologies.

The role will report to the Cyber Security Manager.
The information above is intended to describe the general nature of the work being performed by each individual assigned to this position. This job description is not designed to be an exhaustive list of all responsibilities, duties, and skills required of each candidate.

Education/Experience:

  • Bachelor’s degree, Information Security or Computer Science or related technical discipline
  • Minimum 1 year prior experience detecting/responding to cyber incidents or similar
  • 5-7 years IT security related work experience (can be waived for advanced information security degree)

Requirements:

  • 5-7 years experience with Intrusion Event Systems (IDS) analysis or
  • 5-7 years experience with host forensics (timeline analysis, registry analysis, etc.) or
  • 5-7 years experience with network forensic tools & techniques and memory forensic tools and techniques. Demonstrated experience with Windows and/or Linux operating systems.
  • Demonstrated understanding/familiarity with networking fundamentals including subnetting, TCP/IP, protocols such as SSL, DNS, HTTP, etc.
  • Ability to work in a large corporate environment, as well as some experience analyzing malware, emerging threats and emerging risks, is important.

Additional licensing, certifications, registrations:

  • Certified in one or more of the following: CISSP, CISA, CISM, CEH, technology specific (proxy, data loss prevention, firewall, etc.)

Knowledge:

  • Requires an excellent understanding of IT security concepts with an emphasis on advanced detection, digital forensics and response.
  • Requires excellent knowledge of IT and computer systems.

Desired skills:

  • Familiarity with scripting / programming (Python, Perl, C, etc.)
  • Malware analysis & reverse engineering skills are a plus
  • EnCE and/or GIAC certifications are desirable
  • An understanding of APT, cyber-crime, botnets and associated tools, tactics and procedures
  • Experience with IDS, Network Forensics, Network Security Monitoring (NSM) and netflow tools and analysis.
  • IT infrastructure background including familiarity with the following:
    • Networking (TCP/IP, UDP, Routing)
    • Applications (HTTP, SMTP, DNS, FTP, SSH, etc.)
    • System/Application vulnerabilities and exploitation
    • Operating systems (Windows, *Nix, and Mac)

Skills and Abilities:

  • Requires exceptional analytical thinking skills or analytical and problem-solving skills
  • Requires excellent verbal and written communication skills
  • Requires excellent interpersonal skills and the ability to work effectively with others as a team
  • Requires excellent PC skills and demonstrated proficiency with MS Office Suite
  • Requires the ability to handle multiple tasks and prioritize effectively
  • Detail-oriented, with excellent organizational, time and stress management skills
  • Ability to work well individually as well as in a team environment
  • Self-starter with demonstrated ability to make decisions

Travel (If Applicable): Nominal

Internal Relationships:

  • SIU, Privacy, Legal Affairs, IT, and others

External Relationships:

  • External business partners, threat intelligence sources, and others

Horizon Blue Cross Blue Shield of New Jersey is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, protected veteran status or status as an individual with a disability and any other protected class as required by federal, state or local law.

Requirements:

  • Education: Bachelors
  • Job Level: Individual Contributor
  • Expertise: Security & Administration
  • Job Type: Full Time
  • Location: Newark, NJ

Source: https://jobs.horizonblue.com/viewjob.html?optlink-view=view-40612&ERFormID=newjoblist&ERFormCode=any&eresc=Indeed