Cyber Security Analyst 9/16/2016
Horizon Blue Cross Blue Shield of New Jersey
Come join Horizon Blue Cross Blue Shield of New Jersey as we celebrate being ranked 3rd on the 2016 InformationWeek Elite 100. One of the industry's most prestigious awards, the InformationWeek Elite 100 corporate rankings spotlight the most accomplished business technology innovators.
The Cyber Security Analyst actively prepares for, and hunts for, malicious internal and external threats as a part of our cyber incident response program in the Security Operations Center (SOC). The ability to work in a large corporate environment, as well as some experience analyzing malware, emerging threats and emerging risks, is important. The role will report to the Director of Cyber Security, DFIR and Vulnerability Management.
* Performs daily incident detection and response operations. The CSO Analyst will be responsible for monitoring, investigating, researching and analyzing the intrusion and developing prevention tools and systems. Monitoring and scanning servers for intrusion.
* Audit and review security and audit logs for firewall, IPS, IDS, Wireless, IdM, SPAM, Internet, content filtering, WAN/LAN routers, wireless APs and servers, as well as e-mail activity. Utilize tools to analyze attack patterns, inappropriate / out of policy activity, or access misuse. Report all violations to the appropriate personnel for review and corrective action.
* Analyzes and escalates (as appropriate) relevant Information Security Event information. Takes action to handle high severity issues including escalating to other business areas as necessary and providing potential resolution or areas of improvement.
* Triage the incident details and provide support to Business Managers.
* Analyze events from a response perspective: apply skill and judgment to determine if escalations are warranted.
* Specializes in network and/or host analysis, and/or malware analysis, and/or log-centric analysis
* Clearly and concisely document observations. The SOC Analyst will be responsible for creating and maintaining reports on performance indicators and weekly and monthly metrics in order to maintain historical records and identify trends, etc.
* Collaborates with peers to implement changes to analysis tools as required, including inclusion of log sources/types and refinement of alerts/signatures
* Work with HR and SIU as necessary to provide additional details for escalated cases.
* Technical consultant for the IT department to plan, implement and support new and existing security technologies; Serve as an expert in technical field of knowledge.
Skills and Abilities:
* Malware analysis & reverse engineering skills are a plus
* Familiarity with scripting / programming (Python, Perl, C, etc.)
* EnCE, and / or GIAC certifications are desirable
* An understanding of APT, cyber-crime, botnets and associated Tools, Tactics and Procedures
* Strong verbal and written communication skills
* Experience with IDS, Network Forensics, Network Security Monitoring (NSM) and netflow tools and analysis
* Networking (TCP/IP, UDP, Routing)
* Applications (HTTP, SMTP, DNS, FTP, SSH, etc.)
* System/Application vulnerabilities and exploitation
* Operating systems (Windows, *Nix, and Mac)
* Requires an excellent understanding of IT security concepts with an emphasis on advanced detection, digital forensics and response
* Requires excellent knowledge of IT and computer systems
* Requires exceptional analytical thinking skills or excellent analytical and problem-solving skills
* Requires excellent verbal and written communication skills
* Requires excellent interpersonal skills and the ability to work effectively with others as a team
* Requires excellent PC skills and demonstrated proficiency with MS Office Suite
* Requires the ability to handle multiple tasks and prioritize effectively
* Detail oriented and excellent organizational, time and stress management skills
* Ability to work well individually as well as in a team environment
* Self-starter with demonstrated ability to make decisions
* Bachelor's degree, Information Security or Computer Science or related technical discipline
* Minimum 1 year prior experience detecting/responding to cyber incidents or similar
* 5-7 years IT security related work experience (can be waived for advanced information security degree)
* 5-7 years experience with Intrusion Event Systems (IDS) analysis or
* 5-7 years experience with host forensics (timeline analysis, registry analysis, etc.) or
* 5-7 years experience with network forensic tools & techniques and memory forensic tools and techniques and
* Demonstrated experience with Windows and/or Linux operating systems and
* Demonstrated understanding/familiarity with networking fundamentals including subnetting, TCP/IP, and protocols such as SSL, DNS, HTTP, etc.
* Certified in one or more of the following: CISSP, CISA, CISM, CEH, technology specific (proxy, data loss prevention, firewall, etc)
Horizon Blue Cross Blue Shield of New Jersey is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, protected veteran status or status as an individual with a disability and any other protected class as required by federal, state or local law.