Truist Financial - Atlanta, GA

posted 5 months ago

Part-time, Full-time - Mid Level
Atlanta, GA
Credit Intermediation and Related Activities

About the position

The Cybersecurity Threat Principal Analyst (Vulnerability Remediation) plays a critical role in supporting Information Security and Cybersecurity Threat Management programs. This position is responsible for responding to cyber incidents while collaborating within a multi-team environment. The analyst will process vulnerability and threat data from various internal and external sources to provide actionable intelligence to internal stakeholders. This intelligence will help implement countermeasures and enhance the defenses of our information systems and resources. The role also serves as an advanced escalation point for incident response activities and cybersecurity investigations. In this position, the analyst will conduct cyber investigations for escalated and complex computer security incidents utilizing computer forensics, network forensics, root cause analysis, and malware analysis. They will develop both tactical and strategic cyber intelligence from acquired threat intelligence and technical indicators sourced from both external and internal channels. The analyst will participate in the creation and maintenance of use cases and playbooks that support the 24/7 Cybersecurity Threat Operations and Cybersecurity Threat Management program. Additionally, they will interface with various teams within Information Security, including network operations and the Cyber Threat Operations Center (CTOC), to guide cybersecurity investigations and incidents effectively. The role requires the identification of new threat tactics, techniques, and procedures employed by cyber threat actors, as well as proactive engagement in threat hunting activities to search for potential threats within the enterprise environment.

Responsibilities

  • Conduct cyber investigations for escalated and challenging computer security incidents using computer forensics, network forensics, root cause analysis and malware analysis.
  • Develop tactical and strategic cyber intelligence from acquired threat intelligence and technical indicators from external and internal sources.
  • Participate in the creation and maintenance of use cases for recurring investigation/incident triggers in support of the 24/7 Cybersecurity Threat Operations and Cybersecurity Threat Management program.
  • Participate in the creation and maintenance of playbooks used in response to investigation/incident triggers in support of the 24/7 Cybersecurity Threat Operations and Cybersecurity Threat Management program.
  • Interface with other teams in Information Security to guide cyber security investigations and incidents.
  • Identify new threat tactics, techniques and procedures used by cyber threat actors.
  • Proactively engage in threat hunting activities to search for threats in the enterprise environment.

Requirements

  • Bachelor's degree in Computer Science or related field or equivalent education and related training.
  • 3-5 years of experience in Cybersecurity or related work.
  • Broad knowledge of general IT with mastery of one or more of the following areas: operating systems, networking, computer programming, web development or database administration.
  • Demonstrated advanced knowledge of cyber security operations with mastery of one or more of the following: attack surface management, Security Operations Center (SOC) operations, Intrusion Detection/Intrusion Prevention Systems (IDS/IPS), Security Information and Event Management (SIEM) use, threats (including Advanced Persistent Threat (APT), insider), vulnerabilities, and exploits; incident response, investigations and remediation.
  • Experience with systems for automated threat intelligence sharing using industry standard protocols, such as Structured Threat Information Expression (STIX) and Trusted Automated Exchange of Indicator Information (TAXII).
  • Advanced knowledge of processes, procedures and methods to research, analyze and disseminate threat intelligence information.
  • Ability to lead and persuade individuals and large teams on ideas, concepts and opportunities.

Nice-to-haves

  • 3-5 years of experience in a related field.
  • Industry certifications in general technology (e.g. Microsoft Certified Professional (MCP), Microsoft Certified Solutions Expert (MCSE), Network+).
  • Industry certifications in cyber security and forensics, such as Certified Information Systems Security Professional (CISSP), Certified Forensic Computer Examiner (CFCE), GIAC Certified Forensic Examiner (GCFE), GIAC Certified Forensic Analyst (GCFA), GIAC Certified Incident Handler (GCIH) and other related credentials.
  • Industry certifications in networking, such as Cisco Certified Network Associate (CCNA), Certified Wireless Network Administrator (CWNA) and/or Net+ and experience in the Intelligence Community (IC).
  • Demonstrated leadership experience.
  • An understanding of Vulnerability Remediation.
  • Ability to organize and manage large enterprise data sets.
  • Adaptable to change.

Benefits

  • Medical insurance
  • Dental insurance
  • Vision insurance
  • Life insurance
  • Disability insurance
  • Accidental death and dismemberment insurance
  • Tax-preferred savings accounts
  • 401k plan
  • Vacation days (minimum of 10 days)
  • Sick days (minimum of 10 days)
  • Paid holidays
  • Defined benefit pension plan (depending on position and division)
  • Restricted stock units (depending on position and division)
  • Deferred compensation plan (depending on position and division)