Vacancy expired!
GEICO is seeking a highly motivated, confident, decisive Senior Security Analyst to join our SIRT team. As a member of SIRT, you will be the front-line responder combating cybersecurity threats against GEICO and their customers by handling security events. You will be challenged with rapidly changing incidents where attackers use the latest cutting-edge technology in their attempt to breach GEICO. You will conduct incident response activities, including advanced investigation (malware analysis, threat actor analysis and attribution, root cause analysis), response, and remediation.

Responsibilities:
- Identify, respond to, and mitigate sophisticated threats to GEICO
- Review/Comprehend logs and apply use case scenarios into the analysis environment for building better threat detection capabilities
- Use data collected from a variety of cyber defense tools (e.g., IDS alerts, firewalls, network traffic logs) to analyze events that occur within their environments for the purposes of mitigating threats.
- Intuitive and rapid (but accurate) decision making
- Ability to work independently and as a team member
- Ability to handle advanced-level triage and troubleshooting
- Ability to apply strong critical thinking, logic, decision making, troubleshooting, and problem-solving skills
- Ability to understand complex problems while presenting them simplistically in a formal setting
- Knowledge of computer networking concepts and protocols, and network security methodologies
- Must be able to learn and apply large amounts of technical and procedural information, and to follow published standards and processes.
- Must be able to follow complex instructions, resolve conflicts or facilitate conflict resolution, and have strong organization/priority setting skills.
- Must possess or obtain Security+ within 6 months and possess or obtain CEH and/or CySA+ within 12 months as a condition of employment
- Knowledge of IOCs and TTPs
- Ability to analyze Windows systems for changes that occur during a specific timeframe.
- Ability to read packet captures
- Proficient in scripting languages such as Bash, Python, Perl, and PowerShell
- Proven experience performing root cause analysis of security events and incidents
- Minimum 5+ years analyst experience, preferably in a fast-paced environment
- Knowledge of cloud computing technologies and concepts (SaaS, PaaS, IaaS, etc.)
- Skill in protecting a network against malware (e.g., NIPS, anti-malware, restrict/prevent external devices, spam filters)
- Certified Ethical Hacker (CEH)
- GIAC Certified Incident Handler (GCIH)
- GIAC Certified Forensic Analyst (GCFA)
- GIAC Reverse Engineering Malware (GREM)
- GIAC Cyber Threat Intelligence (GCTI)
- CompTIA Cybersecurity Analyst (CySA+)
- Certified Information Systems Security Professional (CISSP)
- Premier Medical, Dental and Vision Insurance with no waiting period
- Paid Vacation, Sick and Parental Leave
- 401(k) Plan with Profit Sharing
- Tuition Reimbursement
- Paid Training and Licensures