In this highly visible role, you will perform research and analysis to search for indications of advanced threat actors present on the network. You will analyze available data sources, security tools, and threat trends, and lead security monitoring and analysis techniques to identify attacks against the enterprise. You will work with the Cyber Security Research and Development team to operationalize new and innovative techniques for discovering advanced threat actors. The role sits in Global Information Security within the Cyber Security Defense organization and ensures that good data sources are available to enrich hunting capabilities.
4-7 years of experience in information security, cyber security, or network engineering.
Must understand typical threat actor profiles, the typical indicators associated with those profiles, and be able to synthesize the two to develop innovative techniques to detect threat actor activity.
Must demonstrate knowledge of tactics, techniques, and procedures associated with malicious insider activity, organized crime/fraud groups and both state and non-state sponsored threat actors.
Must be able to critically examine an organization and system through the perspective of a threat actor and articulate risk in clear, precise terms.
Ability to analyze and normalize logs and perform automated log correlation using big data analysis or hunt tools to identify anomalous and potentially malicious behavior.
Strong experience with digital forensics on hosts or networks from a malware perspective, and the ability to identify anomalous behavior on network or endpoint devices.
Experience with information security tools such as an enterprise SIEM solution, IDS/IPS, endpoint security, and security monitoring solutions (NSM, DLP, insider threat, etc.).
Self-starting, organized, proactive, and requiring minimal management oversight.
Ability to quickly learn new and complex concepts.
Strong analytical skills/problem solving/conceptual thinking/attention to detail.
Ability to work effectively with peers and multiple levels of management.
Well organized and thorough, with the ability to balance competing priorities.
Excellent verbal and written communication skills across multiple levels of the organization.
A passion for cyber threat hunting, research, and uncovering the unknown about threats and threat actors.
Bachelor's degree in Computer Science.
Ability to code effectively in a scripting language (Python, Perl, etc.).
Ability to understand big data and query languages (Splunk, SQL, etc.).
Experience with either red team or blue team operations, and the ability to think like both an attacker and a defender.
Experience setting up infrastructure to support hunt team operations.
Previous experience working in the financial industry.
Enterprise Role Overview
Key individual contributor, with accountability for researching, designing, engineering, implementing, and supporting information security and directory technology systems (software and hardware). Utilizes in-depth technical knowledge and business requirements to design and implement secure solutions that meet customer and client needs while protecting the Bank's assets. Develops and implements security standards, procedures, and guidelines for multiple platforms and diverse environments (e.g. client server, distributed, mainframe, etc.). Exercises judgment within broadly defined practices and policies in selecting methods, techniques, and evaluation criteria for obtaining results. Work leadership may be provided by assigning work and resolving problems. Typically 5-7 years of IT experience.
Shift: 1st shift (United States of America)
Hours Per Week: 40