Konica Minolta - Ramsey, NJ

posted about 2 months ago

Full-time - Mid Level
Ramsey, NJ
501-1,000 employees
Rental and Leasing Services

About the position

The Sr. Cybersecurity Analyst is a pivotal role within the Security Operations Center (SOC) at Konica Minolta, requiring a high level of expertise in various security domains and technologies. This position is primarily focused on providing security monitoring and protection services to our SIEM and MEDR customers. The analyst will be responsible for the analysis of security events, offering 'tier 2' investigation support, and contributing to the lifecycle ownership of managed security services, which includes onboarding new customers and providing operational support. The role necessitates close collaboration with the SOC manager, peer analysts, engineers, and other teams within the All Covered/Konica Minolta ecosystem to achieve these objectives.

In this role, the analyst will lead security incident investigations, conducting thorough technical analyses that encompass host and network-based forensics. They will evaluate security solutions and stay updated on the latest security news, attacks, threats, vulnerabilities, and exploits by monitoring various security blogs, alerts, notifications, RSS feeds, and forums. The analyst will review and analyze data and network traffic from numerous security tools, such as full packet captures and security device logs, to detect traffic anomalies, identify infected systems, and determine the lateral movement of infections across the network. Additionally, they will contribute to incident response efforts, maintaining relevant communication through emails, ticket summaries, analysis, and reporting, while working with Incident Handlers to recommend remediation for compromised systems and relevant counter-measures. The position also involves performing malware analysis, identifying areas of persistence on user devices, and detecting indicators associated with malware or specific Advanced Persistent Threat (APT) techniques.

The analyst will be responsible for reviewing, creating, or documenting standard operating procedures, recommendations, project-specific documents, and resource guides as needed, ensuring that all processes are well-documented and communicated effectively.

Responsibilities

  • Lead security incident investigations, conducting in-depth technical analysis (including host and network-based forensics).
  • Evaluate security solutions and monitor various security blogs, alerts, notifications, RSS feeds, and forums to stay updated on the latest security news, attacks, threats, vulnerabilities, and exploits.
  • Review and analyze data and network traffic from numerous security tools such as full packet captures and security device logs to detect traffic anomalies, identify infected systems, and determine lateral movement of infections across the network.
  • Contribute to incident response, maintaining relevant communication in emails, ticket summaries, analysis, and reporting.
  • Work with Incident Handlers to provide recommendations for remediation of compromised systems and any relevant counter-measures.
  • Perform malware analysis, identify areas of persistence on user devices, and detect indicators associated with malware or specific Advanced Persistent Threat (APT) techniques.
  • Review, create, or document standard operating procedures, recommendations, project-specific documents, and resource guides as needed.

Requirements

  • Minimum 5 years' experience in the Cyber Security field, with senior level experience analyzing and responding to alerts from a SIEM & EDR platform.
  • 2-3 years' experience administering & providing operational support in security disciplines (e.g. incident response, threat hunting, investigations, security infrastructure management, or monitoring services).
  • 1+ years' experience in content management work (e.g. developing custom detection rules, custom integrations, scripts, etc.).
  • SentinelOne experience is highly preferred.
  • Industry-standard information security and incident response certifications (CISSP, GCIA, GCIH, GREM, etc.) are a plus.
  • Memberships and participation in relevant professional associations.
  • In-depth knowledge of network intrusion methods, network containment and segregation techniques.
  • In-depth knowledge of operating systems (Windows & UNIX, Mac OS X a plus).
  • Expert understanding of TCP/IP networking, routing protocols and full packet capture analysis.
  • In-depth network security expertise including firewall, IDS and IPS.
  • Experience building baselines of network activity for use in anomaly detection.
  • Experience with proactive threat hunting techniques and concepts in an enterprise environment.
  • Experience with reviewing raw log files, data correlation, and analysis (e.g. firewall, network flow, IDS, system logs).
  • Knowledge of typical behaviors of both malware and malware authors.
  • Static and dynamic malware analysis experience.
  • Experience using and writing custom signatures for IDS.
  • Digital forensics experience focusing on Windows systems from a malware perspective.
  • Knowledge of enterprise systems and infrastructure.
  • Proven understanding of log parsing and analysis at a large scale with data clustering tools or techniques.
  • Experience with a scripting language such as Perl, Ruby, Python, or Bash.
  • Ability to coordinate, work with and gain the trust of business stakeholders, technical resources, and third-party vendors.
  • Able to work under pressure in time critical situations.
  • Strong attention to detail in conducting forensic analysis combined with an ability to accurately record full documentation in support of the investigation.
  • Excellent written and verbal communication skills are required.

Nice-to-haves

  • Memberships and participation in relevant professional associations.

Benefits

  • Health insurance coverage
  • Dental insurance coverage
  • 401k benefit for retirement savings plan
  • 401(k) matching benefit
  • Paid holidays
  • Flexible scheduling options
  • Professional development opportunities
  • Tuition reimbursement for further education
  • Employee discount programs
  • Life insurance coverage
  • Mental health days
  • Paid volunteer time
  • Wellness programs
© 2024 Teal Labs, Inc