Information Security Analyst – National Incident Response Team Job in New York 10045, New York US
Information Security Analyst – National Incident Response Team
Location: Financial District, Manhattan
Two roles: one day shift, one night shift
Area Overview:
The National Incident Response Team (NIRT) delivers effective and efficient national intrusion detection, incident response, security intelligence, threat assessment, and vulnerability assessment services. The mission of the National Incident Response Team is to play a leading role in efforts to protect information systems against unauthorized use.
Top 5-10 technical skills required for the job:
- Strong knowledge of current security threats, techniques, and landscape.
- Strong conceptual understanding of SIEM technology as used by information security analysts.
- Knowledge of, and experience with, TCP/IP protocols and packet analysis.
- Knowledge of networking protocols and infrastructure designs; including routing, firewall functionality, host and network intrusion detection systems, encryption, load balancing, and other network protocols.
- Working knowledge of Microsoft Office products, including Visio and Project.
Job Description:
As a member of the Incident Detection and Analysis (IDA) Team, you will analyze a large volume of security event data from a variety of sources with the goal of identifying suspicious and malicious activity; perform post-mortem analysis of traffic flows; perform case management throughout the incident life cycle; and complete projects and tasks associated with security monitoring, detection, and incident response on an as-needed basis. You will interact directly with the NIRT's technical and business customers located across the United States.
- Review and analyze SIEM security events from various monitoring and logging sources, as well as associated network traffic, to identify and/or confirm suspicious activity.
- Research potential containment and eradication techniques for analyzed security events in order to provide proper mitigation guidance to incident responders.
- Perform acquisition and basic to moderate static/behavioral analysis of malware specimens to determine the effects on internal systems at both the host and network level.
- Perform post-mortem analysis on traffic flows in accordance with current and emerging threat and attack vectors to identify and/or confirm malicious activity or compromise.
- Manage incident cases from inception to closure, which includes proper prioritization, assignment to incident response teams, and adherence to customer SLAs.
- Research, develop, and keep abreast of testing tools, techniques, and process improvements in support of security detection and analysis.
- Execute tasks or lead small projects as needed.
- Participate in customer and partner facing meetings and projects.
- Communicate and interact directly with other staff to ensure optimal individual and group performance.
- Maintain understanding of unit, department, and applicable Bank regulations, policies and procedures.
- Perform related duties as assigned or requested in compliance with ISO 9000 (International Organization for Standardization).
- Work weekends and holidays on a rotational basis to ensure 24x7 coverage of Threat Analysis Center (TAC).
Location: East Rutherford Operations Center
Work Schedule: Day Shift; weekends and holidays on a rotational basis
Required Skills:
- Two or more years working in IT security, preferably with hands on experience performing incident detection and analysis in a 24x7 operational environment, or educational equivalent.
- Strong knowledge of current security threats, techniques, and landscape.
- Strong conceptual understanding of SIEM technology as used by information security analysts.
- Knowledge of, and experience with, TCP/IP protocols and packet analysis.
- Knowledge of networking protocols and infrastructure designs; including routing, firewall functionality, host and network intrusion detection systems, encryption, load balancing, and other network protocols.
- Working knowledge of Microsoft Office products, including Visio and Project.
- Good communication skills, analytical ability, strong judgment and leadership skills, and the ability to work effectively with clients and IT management and staff.
- Ability to communicate technical issues to technical and non-technical business representatives on an as-needed basis with direction from management.
- Ability to understand strategic objectives and vision, and work towards those goals.
- Dedicated and self-driven desire to research the current information security landscape.
- Ability to obtain and maintain National Security Clearance.
- Ability to work on weekends and after-hours as necessary on an unscheduled basis, especially during security incidents and emergencies.
- Ability to work rotational weekends and holidays on a scheduled basis.
Preferred Skills:
- Knowledge of Perl, Python, or other scripting languages is a plus.
- Knowledge of Linux and Microsoft Windows Server or other operating systems.
- Knowledge of databases or SQL is a plus.
Education/Certifications:
- Bachelor's degree in Computer Science or a related discipline and experience in the security aspects of multiple platforms, operating systems, software, communications and network protocols, or an equivalent combination of education and work experience.
- GIAC Certified Intrusion Analyst (GCIA) desired or demonstrated skills and ability to obtain certification.
To apply, please contact:
Andris Zvargulis
RDM, Modis
Andris.Zvargulis@Modis.com
212.378.3763