SunTrust Banks Cyber Security Event/Incident Analyst (Evening Shift: 3 pm - 12 midnight) in Atlanta, Georgia
Req ID: W454071
The Cyber Security Event Analyst is an entry-level role that will investigate and respond to possible or confirmed cyber-attacks or vulnerabilities within the SunTrust environment.
The Cyber Security Incident Analyst will track incident escalations from the Event Analyst through to resolution, executing containment, eradication, and recovery strategies.
· The Cyber Security Incident Analyst will lead and manage cyber security incident response actions to ensure timely response to active threats, intrusions, and/or compromises.
· Validate the scope of the compromise and perform a detailed root-cause analysis.
· Identify and validate any data exfiltration attempts.
· Initiate containment strategies and solicit input from key stakeholders and SMEs, as necessary.
· Provide independent analysis of potential malware and exploits.
· Participate in forensic investigations, as needed, including the collection, preservation of electronic evidence, analysis, and creation of a final forensics report.
· Determine and initiate eradication steps including removal of malicious artifacts from known affected systems.
· Initiate recovery actions to ensure all affected systems and resources are brought back online and normal business processes are resumed.
· Document and communicate incident response action(s) taken, in accordance with established reporting procedures.
· Recommend effective process changes to enhance defense and response procedures.
· The Cyber Security Incident Analyst will assist with onboarding training and mentoring to help raise the talent/skill level of Cyber Security Event Analysts.
Qualifications
Minimum Requirements:
· Basic knowledge of common IT and security concepts with emphasis on TCP/IP network security, operating system security, modern attack and exploitation techniques, cyber incident response, malware analysis, computer forensics and the tools that support these processes.
· Ability to analyze solutions using deductive reasoning and critical thinking to solve problems in straightforward situations.
· Demonstrated teamwork and collaboration skills.
· Strong time management skills and ability to manage competing priorities effectively.
· Effective verbal and written communication skills for the purpose of providing basic information about event timelines, technical designs, system concepts and business impact.
· Ability to obtain requisite technical certification(s) within six months of hire.
Preferred Requirements:
· Bachelor's degree in Information Security, Information Technology, Computer Science or similar field.
· Experience within a security operations center (SOC) environment with emphasis on cyber security incident management, network, host and application security, intrusion detection and/or other security event analysis.
· Working knowledge of security incident response tools and SIEM; working knowledge of Windows, UNIX/Linux operating systems, and networking devices.
· Ability to perform surface malware analysis to help understand the type of malware, its properties, and basic facts from a high-level perspective.
· Advanced experience with log and packet analysis tools and techniques.
· Experience with Splunk Enterprise Security (ES).
· Experience managing Splunk knowledge objects (e.g. fields, extractions, tags, event types, lookups, workflow actions, aliases, macros, etc.).
· One or more of the following (or similar) certifications: Security+, GSEC, GCIA, GCIH, GCFA, GCED, GPEN, GWAPT, GREM, CEH, or CISSP.
Equal Opportunity Employer: SunTrust supports a diverse workforce and is a Drug Testing and Equal Opportunity Employer. SunTrust does not discriminate against individuals on the basis of race, creed, color, gender, religion, national origin, age, disability, veteran status, pregnancy, marital status, citizenship status, sexual orientation, gender identity, genetic information, or any other classification protected by applicable laws.
To review the EEO Poster, copy and paste the following link into your browser: http://www1.eeoc.gov/employers/upload/eeocselfprintposter.pdf http://www.dol.gov/ofccp/regs/compliance/posters/pdf/OFCCPEEOSupplementFinalJRFQA_508c.pdf
© 2017 SunTrust Banks, Inc. All rights reserved.
SunTrust is a federally registered service mark of SunTrust Banks, Inc.