Cybersecurity Analyst Associate (10876587)Transport is at the core of modern society. Imagine using your expertise to shape sustainable transport and infrastructure solutions for the future? If you seek to make a difference on a global scale, working with next-gen technologies and the sharpest collaborative teams, then we could be a perfect match.What you will doComplete Cyber Monitoring and Incident Response Operations Playbook/Checklist activities including, but not limited to: log review, vulnerability management activities, management report scheduling and running, alert analysis, filter modifications and escalation follow up activity statusMonitor CSOC alert queue and investigate detections for suspicious eventsDevelop, tune and maintain tools to automate analysis capabilities for network-based, host-based and log-based security event analysis. Create signatures, rulesets, and content analysis definitions from various intelligence sources for a variety of detection capabilitiesOrganize and maintain documentation of detection capabilities, alert definition, policy configurations, and tool rulesetsMaintain adherence to Cybersecurity Operations Center standards, policies and proceduresRemain up-to-date on the latest security information in order to validate the security analysis and identification capabilities of the security operations technologiesParticipate in efforts to analyze and define security filters and rules for a variety of security parametersWho are you?Do you dream big? We do too, and we are excited to grow together. In this role, you will bring:Bachelor's degree in cybersecurity or a related 4-year degree, or 3-6 years of relevant IT experience, or 2-4 years of IT Security experienceA good team player with a passion for cyber defenseIntrusion Detection, Network Traffic Analysis, Log Analysis, Rule/Signature/Content Development, programming or scripting requiredAbility to analyze logs, alerts, network traffic and other data sources to validate security eventsAbility to create signatures and detection content in IDS, SEIM and log analysis platformsAbility to consume, comprehend and utilize and create indicators of compromisePerform daily analysis of detection reports and alertsMaintain tools, scripts and applications for detection and automation capabilitiesIdentify opportunities for capability and efficiency improvementsExhibit understanding of tools, tactics, and procedures of malicious actors and advanced persistent threatsIdentify and report on detection trendsWhat's in it for you?We offer a solid package of compensation and benefits, plus you will enjoy:Competitive medical and dental insuranceA working environment where your safety, health and wellbeing come firstReady for the next move?Are you excited to bring your skills and disruptive ideas to the table? We can't wait to hear from you. Apply today!We value your data privacy and therefore do not accept applications via mail.
#J-18808-Ljbffr