BankUnited - Miami Lakes, FL

posted 3 months ago

Full-time - Mid Level
Miami Lakes, FL
Wholesale Trade Agents and Brokers

About the position

As a Cyber Security Analyst II at BankUnited, you will be an integral member of the Security & Network Operations Center (SNOC) team, tasked with the proactive assessment and analysis of cyber threat information relevant to both on-premise and cloud environments. Your role will involve understanding various cyber threats and implementing effective measures to prevent or combat existing and potential threats. You will monitor and analyze network traffic, Intrusion Detection/Prevention Systems (IDS/IPS), and Data Loss Prevention (DLP) events, ensuring compliance with security policies and standards. This position requires a keen eye for detail as you will perform secondary reviews of DLP systems and policies, escalate non-compliance issues, and work closely with internal customers to address escalations.

In addition to monitoring and analyzing security events, you will be responsible for determining the severity of potential intrusion attempts, escalating security events to incidents when necessary, and following established incident response processes. You will create and track security investigations to resolution, manage tickets related to false positives, and provide investigation, triage, and mitigation of detected security events. Your role will also involve composing security alert notifications and advising incident responders on the necessary steps to investigate and resolve security incidents. Staying current with emerging vulnerabilities, attacks, and countermeasures is crucial in this position. You will collaborate with the SNOC 24x7 operations team, network and system administrators, and other IT/IS groups to provide incident response support and assess the risk of various events. Conducting Digital Forensics and Incident Response (DFIR) analysis of suspected compromised systems will also be part of your responsibilities.

You will assist in establishing procedures for handling security events and maintain knowledge of the current security threat landscape by monitoring threat intelligence sources. Your insights will help improve detection and prevention strategies against cyber attacks, and you will provide guidance on IT initiatives and projects in line with security best practices.

Responsibilities

  • Monitor and analyze network traffic, IDS/IPS, DLP events, security events, and logs.
  • Perform secondary reviews and maintain DLP systems and policies.
  • Understand security and compliance policies and incident response processes.
  • Review daily reports to ensure compliance with policies and standards.
  • Escalate non-compliance issues and follow up on remediation actions.
  • Respond to escalations from internal customers.
  • Differentiate between potential intrusion attempts and false alarms.
  • Determine if security events should be escalated to incidents and follow incident response procedures.
  • Create and track security investigations to resolution.
  • Open and assign tickets to the correct resolver and validate/close tickets related to false positives.
  • Provide investigation, triage, and mitigation of detected security events.
  • Compose security alert notifications and other communications.
  • Advise incident responders on investigation and resolution steps for security incidents.
  • Stay updated with current vulnerabilities, attacks, and countermeasures.
  • Collaborate with SNOC operations team and IT/IS groups for incident response support.
  • Conduct DFIR analysis of suspected compromised systems.
  • Assist in establishing procedures for handling security events.
  • Monitor threat intelligence sources to maintain knowledge of security threat levels.
  • Utilize intelligence from the Threat Intelligence team to improve detection and prevention strategies.
  • Provide advice on IT initiatives and projects regarding security best practices.

Requirements

  • Bachelor's degree in Information Security, Computer Science, Information Assurance, Cyber Security, or related field, or equivalent combination of work and certifications.
  • Experience in cloud security or cloud administration.
  • Experience with cloud security tools and technologies such as AWS Security Hub, Azure Security Center, GCP Security Command Center.
  • Experience with scripting languages.
  • Firm grasp of the design and implementation of effective IS controls.
  • Experience with Security Orchestration, Automation, and Response (SOAR) platforms.
  • Cyber security analysis, incident response, or related security experience.

Nice-to-haves

  • CISSP Certified Information Systems Security Professional
  • CEH Certified Ethical Hacker
  • CHFI Computer Hacking Forensics Investigator
  • SANS/GIAC Training or certifications
  • CCSP Certified Cloud Security Professional
  • SSCP Systems Security Certified Professional
  • Cloud Security Certifications (e.g. AWS)
  • Security+ Certificate in Cyber Security

Benefits

  • Health insurance
  • 401k plan
  • Paid holidays
  • Professional development opportunities
  • Flexible scheduling options