Vacancy expired!
Description
The Cyber Security Detection Analyst III is responsible for performing triage of security events that are escalated by the SIEM (Security Information and Event Management platform) and other controls. This role involves following established processes and procedures to observe events, assess them for threats, and escalate events to Incident Response as needed. The analyst will be expected to focus on more complex security events, lead security related projects, and provide guidance to junior analysts. Implementing and improving security alerts in our SIEM will also be expected.Primary Responsibilities:- Monitor, and triage security events surfaced through CME's Security Information and Event Management (SIEM) platform and other channels
- Professionally interface with CME Group employees who report security concerns
- Use triage procedures (and keen judgement) to identify, escalate, and document security incidents, and train/support junior analysts with the same
- Create, document, and update detection measures, and associated triage procedures
- Review and modify configurations of security systems to maximize defensive coverage
- Lead and deliver complex information security projects and provide support junior analysts
- Strong customer-service orientation
- Strong analytical and troubleshooting skills
- High level critical thinking skills
- Excellent written and oral communication skills
- Excellent listening and interpersonal skills
- Ability to communicate ideas in both technical and user-friendly language
- Ability to conduct research into network/security issues and products
- Comfortable working in a dynamic environment with multiple goals
- Highly self-motivated and directed, with keen attention to detail
- Able to prioritize and execute tasks in a high-pressure environment
- Experience working in a team-oriented, collaborative environment
- Ability to deal diplomatically and effectively at all levels of the organization including both technical and non-technical, management and senior leadership
- 3-5 years of experience (typical) in Information Security
- Successful candidates should be able to demonstrate a passion for information security through course work/degrees completed, self-study, and/or certifications that have been completed
- BA/BS in Engineering, Computer Science, Information Security, or Information Systems or related work experience
- CISSP, GSEC, GCIH, GCFE, GCIA, GMON (or related experience)
- Intermediate to advanced Python experience is a plus
- Experience with cloud platforms (AWS, Google Cloud Platform, Azure), including implementing and monitoring security controls in those platforms
Vacancy expired!