Info Security Specialist

Raleigh, WV - USA

Monthly Salary: Not Disclosed

Posted on: 8 hours ago

Vacancies: 1 Vacancy

Job Summary

Individual contributor for second shift focused on proactively finding adversary activities in the network with the goal of discovery before they complete their mission. The ideal candidate would have skills and experience in log analysis network traffic analysis and MITRE attack framework.

Part of the global IT security team working closely with the US SOCs teams.
Performs a combination of duties in accordance with departmental guidelines.
Conduct real-time and historical analysis using the full security suite owned by CNA including Endpoint Protection SIEM Firewall Endpoint Detection & Response Intrusion Detection Systems Email Gateway Web Content Filtering Network Detection & Response & Identity Management technology.
Conduct incident response triage analysis on suspected hosts to determine potential ongoing attacks and its scope.
Conduct analysis review of junior staff for quality control; mentor junior staff to encourage career growth and development.
Stay on top of latest attacker tactics techniques and procedure to discover sophisticated threats in the network.
Collaborate with SOC Intelligence Incident Response and Enterprise Security Teams for incident investigations and hunt missions when possible.
Identify visibility gaps in the network and recommend solutions.
Develop maintain and update playbooks process and detection capabilities based on real-time feedback from investigations.
Coordinate escalation for advance forensics malware reverse-engineering and additional host review tasks to third party vendors.
Articulate security incident details to business stakeholders and non-technical individuals.
May perform additional duties as assigned

Skills:
Familiarity with SOC operations scheduling and tools including SIEM SOAR and DFIR products.
Knowledge of the incident response lifecycle and cyber security leading practices.
Solid understanding of security policy construction and publication.
In-depth knowledge of regulations (i.e. SOX privacy etc.) and internal controls as they apply to IT.
Ability to influence change in corporate understanding and adoption of information security concepts.
Proven solid analytical and problem solving skills.
Excellent communications and interpersonal skills and the ability to work effectively with peers IT management and staff and internal/external business partners/clients.
Ability to manage various technical projects to completion.
Advanced computer skills including Microsoft Office suite and other business related software systems. Other technologies will apply dependent on business area supported.
Preferred insurance industry knowledge.

Keywords:
Education: Typically a minimum of five years of technical experience in the security aspects of multiple platforms operating systems software communications and network protocols or an equivalent combination.
Industry certifications preferred (CISSP GCFA GCIH GCFE or equivalent) or related discipline or equivalent experience in Computer Science

Required Skills:

SIEM SOAR and DFIRSOCCNA

Individual contributor for second shift focused on proactively finding adversary activities in the network with the goal of discovery before they complete their mission. The ideal candidate would have skills and experience in log analysis network traffic analysis and MITRE attack framework. Part o...

Individual contributor for second shift focused on proactively finding adversary activities in the network with the goal of discovery before they complete their mission. The ideal candidate would have skills and experience in log analysis network traffic analysis and MITRE attack framework.

Part of the global IT security team working closely with the US SOCs teams.
Performs a combination of duties in accordance with departmental guidelines.
Conduct real-time and historical analysis using the full security suite owned by CNA including Endpoint Protection SIEM Firewall Endpoint Detection & Response Intrusion Detection Systems Email Gateway Web Content Filtering Network Detection & Response & Identity Management technology.
Conduct incident response triage analysis on suspected hosts to determine potential ongoing attacks and its scope.
Conduct analysis review of junior staff for quality control; mentor junior staff to encourage career growth and development.
Stay on top of latest attacker tactics techniques and procedure to discover sophisticated threats in the network.
Collaborate with SOC Intelligence Incident Response and Enterprise Security Teams for incident investigations and hunt missions when possible.
Identify visibility gaps in the network and recommend solutions.
Develop maintain and update playbooks process and detection capabilities based on real-time feedback from investigations.
Coordinate escalation for advance forensics malware reverse-engineering and additional host review tasks to third party vendors.
Articulate security incident details to business stakeholders and non-technical individuals.
May perform additional duties as assigned

Skills:
Familiarity with SOC operations scheduling and tools including SIEM SOAR and DFIR products.
Knowledge of the incident response lifecycle and cyber security leading practices.
Solid understanding of security policy construction and publication.
In-depth knowledge of regulations (i.e. SOX privacy etc.) and internal controls as they apply to IT.
Ability to influence change in corporate understanding and adoption of information security concepts.
Proven solid analytical and problem solving skills.
Excellent communications and interpersonal skills and the ability to work effectively with peers IT management and staff and internal/external business partners/clients.
Ability to manage various technical projects to completion.
Advanced computer skills including Microsoft Office suite and other business related software systems. Other technologies will apply dependent on business area supported.
Preferred insurance industry knowledge.

Keywords:
Education: Typically a minimum of five years of technical experience in the security aspects of multiple platforms operating systems software communications and network protocols or an equivalent combination.
Industry certifications preferred (CISSP GCFA GCIH GCFE or equivalent) or related discipline or equivalent experience in Computer Science