Senior Cyber Security Analyst
Cyber Security Information Technology Posted: 26-Sep-2024
New York, New York, United States
Work you'll do
Supports the Deloitte Security Operations team, which is responsible for detecting and remediating cyber threats across the internal global Deloitte network. Works in a world-class Global Security Operations Center, where the main responsibilities are handling cyber security incidents, performing malware/network analysis, investigating phishing campaigns, and more. Serves as a Senior Cyber Security Analyst, leveraging technical expertise and serving as the primary escalation point for other GSOC analysts during the course of advanced incident investigations. Provides guidance on response action plans for events and incidents based on a wide range of incidents. Provides intermediate-level event analysis and incident detection, and escalates to leads as appropriate. Performs advanced analysis of the results of a wide range of threat detection and incident response platforms. Ensures that all identified events are promptly validated and thoroughly investigated. Collaborates with the Deloitte Cyber Threat Intelligence team and leverages Open-Source Intelligence (OSINT) to identify and search for new malicious Indicators of Compromise (IOCs). Provides oversight and guidance to junior analysts to monitor, detect, analyze, remediate, and report on cybersecurity events and incidents. Responsible for identifying training needs for the junior analysts. Oversees and authors new documentation owned by the GSOC team including, but not limited to, Standard Operating Procedures (SOPs) and Operational Level Agreements (OLAs). Coordinates with the Security Tool specialists to implement new or enhanced threat detection logic, signatures, and/or IOCs.
The team
Qualifications
Employer will accept a Bachelor’s degree, or foreign equivalent degree, in Computer Science, Information Technology, Mathematics, Engineering (any), or related field and two (2) years of experience in the job offered or in an Information Security Analyst or Cybersecurity Analyst-related occupation.
The position requires experience in the following:
- Experience with SIEM solutions including analyzing events and content creation.
- Experience with at least two of the following technologies: Unix administration, Windows Server administration, Active Directory, Windows Workstation, Routers/Switches management, Firewall Management, SAN/NAS, Web servers, IAM/AAA, IDS/HDS, System vulnerability scanning tools, Application/Database vulnerability scanning tools, mobile device analysis or Secure coding.
- Experience analyzing attack activities such as network probing/scanning, DDOS, or malicious code activity, and analyzing abnormal activities, such as worms, Trojans, or viruses, and coordinating remediation actions as necessary.
- Work with network devices such as routers, switches and TCP/IP.
- Experience with network services (web, mail, and FTP), network vulnerabilities, and network attack patterns.
- Experience with EDR tools, operation, and analysis of events.
- Experience working with ticketing systems.
- Experience in system security architecture and security solutions.
*100% telecommuting/working from home allowed.
*Up to 10% domestic travel required.
EOE
Deloitte Global is required by local law to include a reasonable estimate of the compensation range for this role for individuals applying to work in our New York, NY location. This compensation range takes into account the wide range of factors that are considered in making compensation decisions including but not limited to skill sets; experience and training; licensure and certifications; and delivery model. We would not anticipate that the individual hired into this role would land at or near the top end of the range, but such a decision will be dependent on the facts and circumstances of each case. A reasonable estimate of the range is [$120,000 – $126,000/year] for individuals applying to work in this location. You may also be eligible to participate in a discretionary annual incentive program, subject to the rules governing the program, whereby an award, if any, depends on various factors, including, without limitation, individual and organizational performance.