Cyber Threat Analyst, IT - Security

Section 1: Position Summary The Cyber Threat Detection and Response team is responsible for shaping and maintaining a Cyber Threat Intelligence program that aligns with leading industry standards, advice, and direction. This involves operating and continually improving existing Cyber Threat Intelligence processes, as well as the development of new processes in response to evolving threats and business requirements. This role will work in close partnership with Security Engineering team, IT Architect(s), Risk and Legal. This position will report directly to the Ascensus Chief Information Security Officer. Section 2: Job Functions, Essential Duties and Responsibilities • Monitoring of all cybersecurity solutions including but not limited SIEM, EDR, Vulnerability Management, Network, FW / IPS, DLP, cloud for suspicious activities. • Develop and maintain 24/7 SOC Tier 1 and Tier 2 cybersecurity SOP and playbooks. • Monitor threat detection and response tools including but not limited to malware analysis, email analysis, application analysis (SAST/DAST monitoring), network analysis, domain intelligence, threat IOC and feeds, forensic analysis, and sandbox tools. • Establish and embed key threat intelligence KPIs and reporting capabilities. • Follow digital forensic program and process as directed. • Execute IT incident response plan as directed. • Assist in the performance of penetration testing and yearly managed service assessment. Supervision • N/A Section 3: Experience, Skills, Knowledge Requirements • Minimum 2 years of experience in Information Security. • Good understanding of the cyber threat landscape. • Demonstrable knowledge of all the following areas: cybersecurity concepts, network protocols, firewalls, IDS/IPS systems, email security, endpoint security, network security, Windows/Linux/macOS systems, cyber threat hunting, malware analysis tools and techniques, cyber threat intelligence, common threat actor TTPs, application security concepts, cloud security fundamentals, Incident Response methodologies. • Be highly inquisitive and never stop asking questions or looking for results. • Knowledge of relevant frameworks, standards, and best practices such as NIST CSF, PCI-DSS, CIS CSCs, MITRE ATT&CK, Cyber Kill Chain etc. • Excellent written and oral communication skills. • The ability to communicate effectively (clear, concise, and professionally) with all levels within Ascensus, auditors and business partners. For virtual remote positions, we require an uninterrupted workspace during business hours and an internet work speed of 25 Mbps or better. If you are unsure of your internet speed before applying, please check with your service provider.