Security Analyst & IR Specialist

Fulltime, Finance Functions

Pennsylvania, Radnor, United States

Apply until: Open until further notice

Nouryon has an outstanding opportunity for a Security Analyst and Incident Response Analyst in Radnor, PA.

 

The purpose of this role is to work with our cyber security service providers to monitor network security systems and identify potential cybersecurity threats, provide support during security incidents, act as policy advisor, review incidents and work with various vendors and internal groups to improve security operations.

 

Key Responsibilities:

  • Monitor and identify cybersecurity / information technology related incidents that involve enterprise systems and data including personally identifiable information (PII).
  • Detect, investigate and report cybersecurity incidents.
  • Maintain and enhance the vulnerability testing and remediation process.
  • Create cybersecurity reporting metrics, dashboards and scorecards.
  • Help improve the overall security posture by independently verifying the security of enterprise systems and ensuring the timely dissemination of security information to the appropriate stakeholders.
  • Analyze firewall logs, Full Packet Capture (PCAP), IDS alerts, anti-malware alerts, Host Intrusion Prevention System (HIPS) alerts, and server and application logs to investigate events and incidents for anomalous activity and produce reports of findings.
  • Collaborate with SaaS support partners to ensure processes and controls are operating as designed.
  • Work with SaaS support partners to provide effective incident response (IR).
  • Conduct reviews and analysis of proxy logs, Microsoft Windows and Active Directory logs, Orchestrator logs, and malicious code to identify, contain, eradicate, and ensure recovery from incidents.
  • Develop and maintain playbooks to help analysts respond to cyber threats.
  • Provide guidance and leadership for on-site investigations and forensics.
  • Maintain chain of custody in accordance with incident handling procedures and in compliance with NYDFS and other applicable regulations and frameworks.
  • Collaborate across organizational lines through participation in regular IR working group sessions.
  • Develop advanced runbooks and automation based on reporting and response measurements.
  • Support data protection tools, processes and Managed Security Service Providers (MSSPs).
  • Monitor security threat feeds, articles, and reports to remain up to date on the latest security risks, threats, and technology trends.

Qualifications:

  • 5 or more years of technical experience in the Information Security field
  • Experience writing, reviewing and editing cyber-related intelligence/assessment products from multiple sources
  • Experience triaging security events using a variety of tools, including QRadar, in a security operations environment.
  • Experience with packet flow, TCP/UDP traffic, firewall technologies, IDS technologies (e.g., Snort rules), proxy technologies, and antivirus, spam and spyware solutions.
  • Experience conducting incident response activities and seeing incidents through to successful remediation.
  • Experience with a programming/scripting language such as Python, Perl or similar.
  • Ability to accurately and completely source all data used in intelligence, assessment and/or planning products.
  • Deep knowledge of computer networking concepts and protocols, and network security methodologies.
  • Deep knowledge of intrusion detection methodologies and techniques for detecting host and network-based intrusions.
  • Strong understanding of network traffic analysis methods including packet-level analysis.
  • Deep knowledge of network security architecture concepts including topology, protocols, components, and principles.
  • Strong understanding of malware analysis concepts and methodologies.
  • Solid ability to employ incident handling methodologies.
  • Deep knowledge of cyber-attack stages (e.g., reconnaissance, scanning, enumeration, gaining access, escalation of privileges, maintaining access, network exploitation, covering tracks).
  • Strong process execution, time management and organizational skills.
  • Strong work ethic, leadership skills, initiative and ownership of work.
  • Solid ability to communicate complex information, concepts, or ideas in a confident and well-organized manner through verbal, written, and/or visual means.
  • High proficiency with common cybersecurity management frameworks, regulatory requirements and industry leading practices.
  • Certifications: CISSP or CEH; the following SANS certifications are preferred but not required: GCIH, GCFE, GCFA, GREM, GPEN, GWAPT, GXPN.

Vacancy data

Closing date: Open until further notice
Vacancy number: N0003353

Organization
Continent: North America
Country: United States
State/Region/Province: Pennsylvania
Site: Radnor
Business: Finance Functions

Job characteristics
Job family: Information Management
Hierarchy level: Professional/Experienced/Specialist
Full time/part time: Fulltime
Contract type: Permanent
