Cyber Threat Analyst - Remote
Donnelley Financial Solutions (DFIN) is a leader in risk and compliance solutions, providing insightful technology, industry expertise and data insights to clients across the globe. We’re here to help you make smarter decisions with insightful technology, industry expertise and data insights at every stage of your business and investment lifecycles. As markets fluctuate, regulations evolve and technology advances, we’re there. And through it all, we deliver confidence with the right solutions in moments that matter.
Position Summary
The Cyber Threat Analyst will focus on gathering and analyzing data from disparate systems and producing cyber insights as necessary to identify, contain, mitigate, and/or recover from cyber security threats and/or incidents. The Cyber Threat Analyst II will work side-by-side with peers to investigate all cyber threats facing the organization.
Responsibilities
- Build, manage, and maintain correlation rules and alarming configurations for various cyber security platforms including, but not limited to, Security Incident & Event Management (SIEM), Security Orchestration, Threat Intelligence, and other platforms providing 24x7x365 Situational Awareness
- Collect, organize, and analyze data using various cyber security tools such as LogRhythm, Radware DefensePro, Palo Alto Networks, Symantec Endpoint Protection, Anomali ThreatStream, Tanium, Empow Networks, EnCase and more
- Support investigations of suspected cyber security misuse, or investigations stemming from compliance reviews, as requested and approved by the SVP-CISO
- Consolidate and analyze data from disparate systems using data integration tools or writing custom code in SQL, Python, or other scripting languages
- Identify, analyze, and interpret trends or patterns in complex data sets
- Work with the functional business area to identify, gather, investigate, and document business processes related to incident response, security logging sources and formats, company-wide data architectures, threat modeling, and security best practices
- Visualize data insights using data visualization tools as necessary to ensure CISO, Security Operations, and other relevant dashboards are current and relevant
- Perform root-cause analysis to understand data problems and find solutions by understanding user requirements
- Build an inventory of assets to be monitored in support of the DFS Enterprise Security Monitoring program
- Serve as a trusted advisor to the Director, Security Technologies and/or the SVP-CISO on sensitive matters warranting confidentiality
- Demonstrate subject matter expertise across most technology domains
- Perform other duties as assigned
Qualifications
- Bachelor's degree with 3+ years of relevant work experience OR demonstrated ability to meet the job requirements through a comparable number of years of applicable work experience and education
- Strong analytical competency
- Ability to develop, customize, and maintain visualization dashboards utilizing SIEM and other security platforms
- Strong understanding of cyber security threat modeling
- Deep insights into threat intelligence tools and techniques
- Advanced knowledge of cyber-attack techniques and mitigation strategies
- Advanced knowledge of firewalls, anti-malware, intrusion detection and/or prevention systems, and other network and systems security platforms
- Ability to effectively communicate complex topics to engineers and leadership
- Ability to properly handle confidential data and strictly follow business process and procedure
- Ability to collaborate in cross-functional teams
- Excellent attention to detail
- Ability to operate in high stress situations
It is the policy of Donnelley Financial Solutions to select, place and manage all its employees without discrimination based on race, color, national origin, gender, age, religion, actual or perceived disability, veteran's status, actual or perceived sexual orientation, genetic information or any other protected status.
If you are a qualified individual with a disability or a disabled veteran, you have the right to request a reasonable accommodation if you are unable or limited in your ability to use or access jobs.dfinsolutions.com as a result of your disability. You can request a reasonable accommodation by sending an email to [email protected].