Cyber Security Analyst

Job Details:

Analyze and determine the scope of threats to the enterprise, vulnerabilities in software, and determine how our company will best defend itself against these threats.

Monitor third-party security-related feeds, websites, forums, and mailing lists for information regarding cyber threats, vulnerabilities and exploits. Verify vulnerabilities; correlate and collate the information; and develop, edit, and deliver security reports to enterprise-level customers. On occasion replicate reported vulnerabilities in a lab environment and, where appropriate, develop proof of concept and/or exploit tools against these vulnerabilities.

Perform duties across several cyber disciplines. Activities may include:

Intelligence Analysis

  • Develop and provide threat and situational intelligence leveraging proprietary enterprise data, as well as a variety of external sources and open source data.
  • Actively monitor and research cyber threats with a direct or indirect impact to the OCC brand, business operations, or technology infrastructure.
  • Develop and support briefings to Security management as a cyber intelligence subject matter expert.
  • Create and conduct presentations on current threats and related IT Security topics.
  • Provide monthly reporting to Security management on Threat, Vulnerability, and Incident management metrics.

Network Security Operations Analysis

  • Prioritize and identify security risks, threats and vulnerabilities of networks, systems, applications and new technology initiatives.

Incident Management and Forensic Analysis

  • Lead in cyber security incident response activities, including investigation, coordination, and reporting.
  • Lead and direct in the collection and preservation of evidence associated with cyber security incident response activities following industry best practices and established procedures.
  • Develop and support briefings to Security management as a cyber-forensic subject matter expert.

Qualifications/Technical Skills/Education

  • Proven team player, will be working individually and with other staff members, on both long-term projects and rapid response under tight deadlines.
  • Effective and excellent oral and written communication, analytical, judgment and consultation skills.
  • Ability to effectively communicate in both formal and informal review settings with all levels of management.
  • Proven experience in developing and providing threat and situational intelligence from a variety of internal and external sources.
  • Ability to work with local and remote IT staff/management, vendors and consultants.
  • Ability to work independently and possess strong project management skills.

Demonstrated proficiency in:

  • Implementation and maintenance of SIEM (ArcSight, IBM Qradar, McAfee NitroSecurity, etc.)
  • Forensic analysis tools (MIR, EnCase, FTK)
  • Malware analysis tools (dynamic and static)
  • Vulnerability assessment tools (Qualys, ISS Scanner, nmap, etc.)
  • Secure Web Gateway (BlueCoat, Microsoft Forefront)
  • Network sniffers and packet tracing tools (DSS, NAI SnifferPro, Ethereal and tcpdump).
  • Encryption technologies (PGP, PKI and X.509)
  • Standard technical writing tools including MS Word, Excel, Project and Visio

Familiarity with:

  • Directory services, LDAP, and their inherent security (Active Directory, CA Directory).
  • Proxy and caching services.
  • Client/server platforms including Sun Solaris, Windows, Linux.
  • Operating system hardening procedures (Solaris, Linux, Windows, etc.)
  • LAN/WAN routing and high availability (OSPF, BGP4/iBGP, EIGRP and NSRP).
  • Web Application Firewalls.
  • Cloud based security tools and techniques

Security Integration Scripting Activities:

  • Mid-level to advanced scripting and development activities to appropriately leverage complex Application Programming Interfaces (APIs) to optimize interoperability and data exchange between disparate security monitoring and analysis devices.

Education and Experience:

  • Bachelor's degree in Computer Science, Engineering, or other related field.
  • Minimum seven years of information security experience, preferably in the financial services industry.
  • Minimum three years hands-on security operations experience, including interdisciplinary experience with four or more of the following: Cyber Threat Analysis, Digital Computer Forensics, Incident Response, Application Security, Operating Systems Security, Cryptographic Controls, Networking, Programming Languages.
  • Technical experience and comprehensive knowledge of threat actor capabilities, intentions, methodologies and motives.
  • Familiarity with computer network exploitation and network attack methodologies while maintaining an understanding of the relationship these activities have with the financial services industry and critical infrastructure.
  • Industry knowledge of leading-edge security technologies and methods.
  • Shift work and working in an on-call response capacity is required, including availability for 24 x 7 on-call support responsibilities.
  • Previous people/project management experience is a plus.
  • Government Security Clearance is a plus.
  • Strongly prefer at least one of the following certifications: CISSP, GCIA, GCIH, CHFI, GCFA, CCE, CFE.

Step 1
When you find a position you're interested in, click the 'Apply' button. Please complete the application and attach your resume.

Step 2
You will receive an email notification confirming that we've received your application.

Step 3
If you are called in for an interview, a representative from OCC will contact you to set up a date, time, and location.

For more information about OCC, please click here.

OCC is an Equal Opportunity Employer
