Cybersecurity Threat Analyst (Subsidiary Oversight)

Jacksonville, FL, United States

Job Description: Cybersecurity Threat Analyst, under limited supervision, develops, maintain, and implement comprehensive information security monitoring and threat analysis processes and programs. Cybersecurity Threat Analysts assist with defining cybersecurity event response policies, processes and standards for large and complex environments.

They are responsible for comprehensive threat analysis to include recommending appropriate course of action and escalation.

Perform various cybersecurity assessments to identify deviations from standard security configurations, inappropriate modification or activities and proactively identify weaknesses in safeguards.

Assist within cyber event response by cooperating with third-party incident response teams and law enforcement agencies by providing logs, reports, alert notifications, and other requested information.

This is a role on the corporate cyber incident response team.

Essential Functions The essential functions listed represent the major duties of this role, additional duties may be assigned.

Serves as a liaison with IT and business area partners to identify, understand, document and advise on security requirements, impacts and risks and threats.

Proactively and automatically correlates and analyzes threat data from various sources and analyzes network events to establish the identity and modus operandi of malicious users active in the computing environment or posing potential threats to the computing environment

Independently, but with some level of guidance from Senior Cybersecurity Threat Analyst, conducts industry research and technical evaluation of all-sources and vendor supplied intelligence--with specific emphasis on network operations and advanced and sophisticated cyber tactics, techniques, and procedures

Preparing assessments and cyber threat profiles of current events based on collection, research and analysis of open source information

Proven technical knowledge of security architecture, tools and controls with specific demonstrated experience in proactive detection, mitigation, and resolution of advanced cyberattacks and./or threats

Proven technical knowledge of security infrastructure including security firewalls, data loss prevention, encryption, and end point protection appliances

Demonstrated knowledge of information threat analysis and detection concepts and principles and impact

Working with and managing vendor performance including applicable service level agreements

Conducts and, at times, leads root cause analysis of any monitoring alerts and threats identified by third-party vendor, or internal systems and workforce. Once root cause is determined, proposes and works with other teams, if required, to implement appropriate security controls and solutions that will mitigate risk and vulnerabilities, as well as safeguard our systems and data.

Assists in the preparation of detailed technical papers, presentations, recommendations, and findings for Management and other Technology Leaders

Periodically provides briefings and presentations to colleagues and leadership supporting analysis of cyber threats

Develops and maintains documentation of security monitoring activities, threat response procedures and security diagrams

Assists remediation actions as a result of threat and vulnerability assessments or audits

Provides training to others on security capabilities, processes, procedures and operational tasks

Required Work Experience: 5+ years related work experience

4+ years in Cybersecurity/1+ years Information Technology Infrastructure

Required Education Related Bachelor's degree or additional related equivalent work experience Computer Information Systems with Cybersecurity

Required Licenses and Certifications: Certified Information Systems Security Professional (CISSP) or Certified Ethical Hacker (CEH) (within 180 Days if converted to FTE)

Additional Required Qualifications: Strong technical knowledge of security architecture, tools and controls with specific demonstrated experience in proactive detection, mitigation, and resolution of advanced cyberattacks and./or threats

Strong technical knowledge of security infrastructure including security firewalls, data loss prevention, encryption, and end point protection appliances

Demonstrated knowledge of information threat analysis and detection concepts and principles and impact

Experience working and managing vendor performance and service level agreements

Knowledge of network infrastructure including routers, switches, firewalls and associated network protocols and concepts.

Strong technical knowledge of current systems, software, protocols and standards. (Including TCP/IP and network administration/protocols).

Experience developing, documenting and maintaining security procedures.

In-depth knowledge of operating systems and security applications

Demonstrated ability to work under stress in emergencies with flexibility to handle multiple high-pressure situations simultaneously.

Ability to communicate highly complex technical information clearly and articulately for all levels and audiences.

Ability to manage tasks independently and take ownership of responsibilities

Strong team-oriented interpersonal skills with the ability to interface with a broad range of people and roles including vendors and IT-business personnel.

Ability to adapt to a rapidly changing environment and quickly identify new trends and industry changes specific to security and advanced cyberattacks

Ability to evaluate complex, multi-sourced security intelligence artifacts and summarize for consumption by internal stakeholders.

Additional Preferred Qualifications: Exposure to Project Management methodologies like Waterfall, Agile, Lean or SAFe methodologies