Posted: Monday, February 27, 2017 2:08 PM
Description

Cyber Intelligence Analyst

The Cyber Intelligence Analyst is responsible for continuously researching, assessing and prioritizing cyber alerts (IPS, FW, DLP etc.) based on relevance and impact.

• Participates in capturing a portfolio of historical threat activity, trends and common attack vectors to predict and prevent future threats.
• Identifies and correlates cyber threat information to known vulnerabilities and assigns them to Vulnerability Management to remediate.
• Collaborates with all Cyber team members on advanced security techniques and provides feedback, expertise and experience to the team.
• Builds and maintains sources of data collection and analysis in order to produce a common operating picture of intrusion or threat related activity.
• Participates in, maintains and establishes partnerships within the security and financial sector to gain insight into significant shifts in government expectations, human behaviors and technology adoption that may pose business risk.
• Works with all teams (including Development, IT Operations, Security and Business Units) to make strategic adjustments to the enterprise security posture.
• Evaluates new solutions and methodologies and provides detailed reviews and recommendations to the Security Intelligence and Response Manager.
• Provides research for next generation traditional and non-traditional cyber threat methods, techniques and tactics specific to evolving IT infrastructures.
• Plans and prioritizes projects under a dynamic, flexible and changing set of requirements.

Requirements

• Bachelor's degree in computer security/science or related discipline is preferred.
• Minimum 5 years of Cyber information security experience.
• Experience with collecting, analyzing, and interpreting qualitative and quantitative data from multiple sources for the purposes of documenting results and analyzing findings to provide meaningful reports.
• Advanced understanding of IT Security concepts to include network design, countermeasures, risk management, operational security and attack techniques.
• Experience working with SIEM solutions.
• Experience working with Data Loss Prevention (DLP) solutions.
• Foundational knowledge in information technology, to include hardware, networking, architecture, protocols, file systems and operating systems.
• Programming in Python or other scripting languages a plus.
• Experience with collecting, analyzing, and interpreting qualitative and quantitative data from multiple applications, network and security sources for the purposes of documenting results and analyzing findings to provide meaningful products.
• Ability to leverage well-honed online researching expertise to identify and navigate relevant online forums, including Web sites, social media, and traditional sources for research and analysis.
• Experience with SIEM tools and technologies.
• Ability to think critically and analyze abstract data.
• CISSP, CEH or SANS GIAC certifications are preferred.

• Location: Rochester
• Post ID: 23890595 rochester