Lead Cybersecurity Analyst

Zillion Technologies

πŸ“Remote - United States

Summary

Join Zillion Technologies Inc. as a Lead Cybersecurity Analyst and lead daily cybersecurity operations, incident response, and the development of the cybersecurity operations center (CSOC). You will architect and support the CSOC technology portfolio and cybersecurity risk management program, mentoring the team and contributing to the overall cybersecurity strategy. This remote position requires collaboration with other IT departments and stakeholders to deliver solutions, reduce cyber risks, and identify emerging threats. You will conduct cyber investigations, analyze security events, and provide security reviews and mitigation recommendations. The role involves leading and mentoring the cyber team, setting standards, and promoting strategic planning to reduce cyber risks.

Requirements

  • Bachelor's Degree in Information Technology
  • Relevant information security certification (e.g., CISSP, CISA, CISM, CRISC, or GIAC), or the ability to obtain one within 6 months of hire
  • 8 years of cybersecurity work experience
  • Experience using malware analysis, forensics solutions and utilities
  • Experience in cyber investigations using formal chain-of-custody methods
  • Solid knowledge and experience with IT security aspects of operating systems, Active Directory, database (SQL) access, LDAP, Microsoft SharePoint, web server configurations, networks, server administration, data networking, firewall administration, cloud technologies, and/or application development
  • Experience working in a regulated industry and familiarity with government and industry regulations that involve information security, such as PCI, FISMA, GLBA, FERPA, NERC CIP, TSA, HIPAA, or SOX
  • Solid understanding and experience with security development lifecycle (SDL) processes for internally developed applications, including the web-based and Internet facing components
  • Experience managing security related projects involving multiple teams, utilizing project management tools (task allocation, check point meetings, project milestones, etc.)

Responsibilities

  • Lead incident response efforts, such as responding to identified malicious activity or highly critical vulnerabilities that pose a threat to the organization
  • Onboard data, configure integrations, and set up security alerting for the security information and event management (SIEM) solution, which includes parsing and analyzing large, complex data sets and integrating them into the security case management system
  • Leverage knowledge in multiple security disciplines, such as Windows, Unix, Linux, data loss prevention (DLP), endpoint controls, databases, wireless security, and data networking, to offer global solutions for a complex heterogeneous environment
  • Responsible for the continuous maturity of monitoring and incident response capabilities
  • Stay current with, and remain knowledgeable about, new threats. Analyze attacker tactics, techniques, and procedures (TTPs) from security events across a large heterogeneous network of security devices and end-user systems
  • Conduct cyber investigations, including analysis of suspicious files across applications, networks, and endpoints, and memory and disk forensics, to determine maliciousness. Analysis requires knowledge not only of traditional malware but also of repurposed files that are not themselves malicious, as well as targeted malware and zero-day attacks
  • Act as the primary security resource for strategic initiatives by providing security reviews and mitigation recommendations that address concerns going forward
  • Provide leadership for the cyber team, including setting standards, identifying emerging threats, mentoring the team on how to mitigate risks, and collaborating with business and IT resources
  • Promote strategic, comprehensive planning by identifying and advocating for security solutions or practices that substantially reduce the cyber risk of the organization
  • Engage in other duties as needed that support the Client's Values and help deliver on our Purpose to serve customers and build stronger communities

Preferred Qualifications

  • 6 years of security monitoring and incident response experience
  • 4 years of in-depth security log analysis experience
  • In-depth knowledge of the utility industry, technology trends, cybersecurity, and regulatory changes
  • Able to architect, lead teams, and provide mentorship in the following areas: Secure by design. Security development lifecycle (SDL). IT security aspects of operating systems, Active Directory, database (SQL) access, LDAP, Microsoft SharePoint, web server configurations, networks, server administration, data networking, firewall administration, and/or application development. Information risk management. Managing cybersecurity-related projects or programs
  • Excellent collaboration skills - able to lead cross-functional teams to deliver cybersecurity initiatives
  • Able to architect, lead teams, and mentor others in Secure by design, security development lifecycle (SDL), information risk management, and managing cybersecurity-related projects or programs

Benefits

Remote work
