Cyber Threat Analyst II in Downers Grove, IL at Solution Partners

Date Posted: 5/11/2018

Job Description

Cyber Threat Analyst II

The Cyber Threat Analyst will focus on gathering and analyzing data from disparate systems and produce cyber insights as necessary to identify, contain, mitigate, and/or recover from cyber security threats and/or incidents. The Cyber Threat Analyst II will work side-by-side with peers to investigate all cyber threats facing the organization.

Responsibilities:
Build, manage, and maintain correlation rules and alarming configurations for various cyber security platforms, including but not limited to Security Incident & Event Management (SIEM), Security Orchestration, Threat Intelligence, and other platforms providing 24x7x365 situational awareness
Collect, organize, and analyze data using various cyber security tools such as LogRhythm, Radware DefensePro, Palo Alto Networks, Symantec Endpoint Protection, Anomali ThreatStream, Tanium, Empow Networks, EnCase and more
Support investigations of suspected cyber security misuse, or investigations stemming from compliance reviews, as requested and approved by the SVP-CISO
Consolidate and analyze data from disparate systems using data integration tools or writing custom code in SQL, Python, or other scripting languages
Identify, analyze, and interpret trends or patterns in complex data sets
Work with the functional business area to identify, gather, investigate, and document business processes related to incident response, security logging sources and formats, company-wide data architectures, threat modeling, and security best practices
Visualize data insights using data visualization tools as necessary to ensure CISO, Security Operations, and other relevant dashboards are current and relevant
Perform root-cause analysis to understand data problems and find solutions by understanding user requirements
Build an inventory of assets to be monitored in support of the DFS Enterprise Security Monitoring program

Serve as a trusted advisor to the Director, Security Technologies and/or the SVP-CISO on sensitive matters warranting confidentiality
Demonstrate subject matter expertise across most technology domains
Perform other duties as assigned

Required Skills:
Bachelor's degree with 3+ years of relevant work experience, OR demonstrated ability to meet the job requirements through a comparable number of years of applicable work experience and education
Strong analytical competency
Ability to develop, customize, and maintain visualization dashboards utilizing SIEM and other security platforms
Strong understanding of cyber security threat modeling
Deep insights into threat intelligence tools and techniques
Advanced knowledge of cyber-attack techniques and mitigation strategies
Advanced knowledge of firewalls, anti-malware, intrusion detection and/or prevention systems, and other network and systems security platforms
Ability to effectively communicate complex topics to engineers and leadership
Ability to properly handle confidential data and strictly follow business process and procedure
Ability to collaborate in cross-functional teams
Excellent attention to detail
Ability to operate in high stress situations