Lead Cyber Security Analyst - AWS Cloud Security

Summary

The Lead Cyber Security Analyst Prevents detects and responds to cyber security incidents through proactive threat analysis countermeasure deployment policy and architecture consulting coordinating resources and directing use of timely and appropriate countermeasures. Analyze existing or potential security solutions and implement changes to increase their effectiveness including the creation of new solutions to fill critical gaps. Conduct and/or participate in technical self-assessment activities. Effectively communicate necessary information to relevant personnel in a timely and appropriate manner.

Duties and Responsibilities

• Lead incident response training
• Owner of the incident response plan
• Lead or participate in red team penetration testing and technical self-assessment activities
• Lead phishing awareness training including creation sending data collection and data reporting
• Primary or backup administrative roles for information security owned equipment and software
• Lead continuous monitoring data collection coordination and reporting between Honeywell FM&T and HQ
• Lead and primary duty officer responsible for 24/7 response to potential security incidents and invoking incident response if necessary
• Prevention of cyber security incidents through proactive threat analysis countermeasure deployment and policy and architecture consulting
• Detection of potential intrusions in real-time and through historical trending on security-relevant data sources
• Respond to confirmed security incidents by coordinating resources and directing use of timely and appropriate countermeasures
• Develop and maintain tools used inside and outside Honeywell FM&T to assist with cyber security functions
• Research test develop and implement technical security solutions to support critical security systems and applications.
• Continuously improve existing technical security solutions based on results feedback and new threat information.
• Review and provide decisive feedback and assistance interpreting data from other systems including IT owned systems (vulnerability scanners email systems log analysis system SIEMs etc.)
• Provide technical direction consultation and training for information security staff.
• Primary contact for all WLS related activities including internal external government customers and external commercial customers
• Develop and define the appropriate architecture and technical requirements necessary to address information security needs.
• Develop and maintain detailed technical support documentation and procedures regarding the security infrastructure systems and processes used.

You Must Have

• Bachelors degree in a computer science field or equivalent.
• 7 years in information security
• This position may require on-call availability to respond to urgent escalations after regular/core business hours.

We Value

• Understanding of the broader information security field including malware emerging threats attacks and vulnerability management
• Familiar with various programming and scripting languages
• Demonstrated knowledge and operational experience with multiple cyber tools such as SIEMs log analysis vulnerability scanners intrusion detection/prevention systems web proxys firewalls and email scanners
• Attention to detail
• Demonstrated integrity in a professional environment
• Good social communication and technical writing skills