Lead Security Analyst
The Lead Security Analyst will have the following skill set:
The Lead Security Analyst will provide key leadership and expertise in incident response and the remediation of threats and vulnerabilities. The position's responsibilities include a hands-on role in monitoring and triaging events, identifying vulnerabilities, performing comprehensive security compliance assessments, and conducting vulnerability research. The individual will work closely with the other Security, IT and Business teams, as well as the Human Resources, SIU, Legal, Privacy and Ethics teams.
- Provide leadership and direction for the Cyber Security & Threat team that includes Security Intelligence, Security Incident Response, Security Monitoring, Penetration Testing, Secure Code Review, Server Compliance Scanning, Vulnerability Management, Security Tool Policy Management, Data Loss Prevention, eDiscovery and Database Monitoring.
- Review, triage, escalate, and respond to security events and incidents while analyzing various log, network, malware, forensic, and open source information to validate security threats, recommend appropriate countermeasures, and assess the impact of incidents
- Implement and maintain a comprehensive threat intelligence solution to maintain situational awareness of events impacting the financial services and related IT verticals
- Analyze, recommend and facilitate the execution of key Security & Risk Management initiatives to reduce risk and exposure to internal infrastructure.
- Establish and maintain key operational and performance metrics to measure success and effectiveness of the vulnerability management program
- Participate in 24x7 handling of production system security issues and events. Develop management reporting tools.
Skills and Requirements:
Bachelor’s degree in computer science, information systems or related field, or equivalent work experience.
Candidate must have 5+ years of combined IT and Cyber Security related work experience.
Ability to perform basic scripting to analyze and automate repeatable processes (Python, Perl, Ruby, PowerShell).
Previous experience in any of the following areas: Red Team, Threat Hunting, Penetration Testing.
Relevant industry certifications such as CISSP, CCNA-Security, Security+, GPEN, GIAC, PMP, LEAN and Six Sigma are desired.
Possess excellent communication skills and be able to document and explain technical details clearly and concisely.