JRI-America (JRI-A) provides IT services for SMBC Group.
The Senior Cyber Security Analyst is responsible for understanding and providing appropriate surveillance for the critical cyber threats to the Bank. The Senior Cyber Security Analyst will leverage Security Monitoring, Logging and Security Incident Event Management (SIEM) systems to triage alerts and investigate suspicious activity. They will analyze the threat data to help the Information Security team determine what response is appropriate. This role is best suited for candidates who have experience within a SOC or CSIRT team and who enjoy investigating and finding the root of an issue or incident, performing proactive Threat Hunting, or getting the most from leading-edge security toolsets and platforms. It also suits candidates who excel at thinking critically to find ways to resolve security challenges. The position is focused on implementing and improving technology and procedures related to security monitoring and cyber security incident response. We are looking for a self-starter with strong technical skills in the field.
The role offers a unique opportunity for a security professional to work in a challenging and complex enterprise environment, using leading-edge tools and technologies, whilst gaining hands-on experience across the security domains of cyber threat intelligence, cyber incident management, vulnerability management, security automation and system optimization.
- Monitoring, investigation and reporting of security incidents.
- Comfortable leading the analysis of security alerts or technical response to a security incident and providing subject matter guidance to more junior SOC personnel.
- Ability to develop and analyze processes. Identify as well as detail information risk, governance and compliance concepts and principles. Monitor, evaluate, and advise on information security issues related to systems, data, network, and workflow to ensure security controls are appropriate and operating as intended.
- Work with a set of guidelines to help identify critical event data for additional analysis and escalation as appropriate.
- Assist in the implementation and ongoing support of security systems.
- Conduct security research to keep abreast of the latest security issues.
- Prepare security reports for management review.
- Ability to multi-task and remain productive in a service-driven and results-oriented environment.
- Demonstrated strong organizational, analytical, and problem-solving skills.
- Working knowledge of application & infrastructure security solutions (Firewalls, Intrusion Detection/Prevention Systems, Network Security, Password Management, Data Encryption, Vulnerability Scanners, SIEM Systems, and Access Control).
- Working knowledge of information security concepts, standards, and best practices.
- Draft corrective action plans and coordinate remediation tasks.
- Assist in defining security requirements for information technology projects.
- Strong interpersonal and communication skills.
- Must be self-directed with the ability to work with minimal oversight.
- Monitor security advisories, trends, alerts, and vulnerabilities, and communicate accordingly with team managers and data owners.
Education & Skills
- 5+ years of experience in information security (network, application and systems) or related technology experience required; experience in the financial services industry is preferred.
- Strong knowledge of technology and security controls related to the detection, analysis, containment, eradication, and recovery from cyber security incidents.
- Execute tasks or lead small projects to enhance the team's capabilities as needed.
- Knowledge of Windows and Linux systems, Active Directory Architecture, EDR, data governance, vulnerability management, SIEM systems, and Information Security compliance and standards.
- Strong verbal and written communication skills, with experience in documentation and familiarity with Standard Operating Procedures and other formal procedures.
- Strong understanding of governance, risk, and compliance frameworks such as NIST and CIS.
- Professional certifications are an advantage but not essential if the candidate has the requisite role knowledge; GCIH, GNFA, GCFA, Certified Ethical Hacker (CEH), CISSP or similar certifications are a plus.
- Technical writing experience with management level reports.
To apply for this job email your details to email@example.com