Cyber Security Analyst

Job Description

Responsibilities:As a member of Experian s Global Security Office (EGSO) / Global Cyber Incident Response Team, (GCIRT) this individual will respond, contain, escalate, investigate, and coordinate mitigation of security events relative to anomalies detected and escalated by the Global Security Operations Center (GSOC) according to Experian s Incident Response Plan. The member will respond and analyze security incidents involving threats targeting Experian information assets. These threats may include phishing, malware, network attacks, suspicious activity, etc. In addition, this position will involve working with end-users, stakeholders, technical support teams, and management to ensure proper remediation and recovery from these threats. This position will include working with employees in US/UK/APAC/EMEA/Spanish LATAM.This is a technical position supporting the strategies of the Global Security Operations Center and the Chief Information Security Officer. This position reports to the Director of Forensics Incident Response and involves supporting other EGSO team members to include research, training, and data gathering.Key Responsibilities Include:

• Responds to cyber security events and alerts associated to threats, intrusions, and/or compromises.
• Effectively manages multiple cases related to security incidents throughout the incident response lifecycle; including Analysis, Containment, Eradication, Recovery, and Lessons Learned.
• Identifies best methods to contain, eradicate, and recover from a wide variety of security incidents. Provides recommendations to proactively prevent incidents from re-occurring in the future.
• Coordinates successful conclusion of security incidents according to Process Procedures. Escalates severe incidents according to Experian s Incident Response Plan.
• Maintains all case documentation, including notes, analysis findings, containment steps, and root cause for each assigned security incident.
• Maintains a foundational understanding of common Operating Systems (Windows, Linux, Mac OS), Networking (Firewalls, Proxies, etc.), and Security Technologies (Anti-Virus, Intrusion Prevention, etc.)
• Interprets device and application logs from a variety of sources (e.g. Firewalls, Proxies, Web Servers, System Logs, Splunk, Packet Captures, etc.) to identify root cause and determine next steps for containment, eradication, and recovery.
• Ability to work hours or shifts outside of normal work hours when required to investigate and respond to security incidents.
• Establish and maintain excellent working relationships with team members, end-users, stakeholders, management, and infrastructure support teams throughout the global organization.
• Contribute to departmental training, reporting of metrics, and process improvement.

• Bachelor s Degree in Computer Science, Computer Engineering, Information Security or a related field.
• 3 years of experience working within a Security Operations Centers or Cyber Security Incident Response Teams may be accepted in lieu of this education requirement.
• Demonstrate knowledge of Incident Response and Investigative Methodology.
• Demonstrate critical thinking skills, analytical expertise, attention to detail, and ability to function in a fast-paced environment.
• Candidates with certifications involving incident response, ethical hacking, or cyber security (i.e. GCIA, GCIH, CISSP, CEH, etc.) have a strong advantage.
• Candidates able to exhibit skills using common Incident Response applications such as Splunk, Tanium, and FireEye are preferred.
• Strong English verbal and written skills are necessary. The ability to explain technical terminology to the lay person is frequently required.
• Candidates with competent speaking, reading, and writing skills in a 3 rd language have a stronger advantage.
• Must work well with a global team-oriented environment and has flexibility to work a shift schedule (including nights and weekends).
• Candidate must be self-motivated and capable of working with little supervision.
• Proven previous job stability, including maintaining long-term work relationships with former employers.
• Must be able to clear the company s pre-employment screening.

Keyskills :
networking cisco ip firewalls troubleshooting ybersecurity environmentalimpactassessment writingskills rootcause securityincidentresponse securityoperationscenter ethicalhacking webservers thinkingskills