The position is described below. If you want to apply, click the Apply button at the top or bottom of this page. You'll be required to create an account or sign in to an existing one.

Need Help?

If you have a disability and need assistance with the application, you can request a reasonable accommodation. Send an email to Accessibility or call 877-891-2510 (accommodation requests only; other inquiries won't receive a response).

Regular or Temporary:
Regular

Language Fluency: English (Required)

Work Shift:
1st shift (United States of America)

Please review the following job description:

Support Information Security and Cyber Fusion Center (CFC) responding to cyber incidents while working in a multiple-team environment. Process vulnerability and threat data from a variety of internal and external sources to provide actionable intelligence to internal consumers in order to implement countermeasures and maintain and enhance the defenses for our information systems and resources. Serve as first escalation point for security investigations and provide oversight for tier I analysts and triage-related automations. Assist principal analysts and senior IR engineers during incident response activities and cyber investigations.

Essential Duties and Responsibilities

Following is a summary of the essential functions for this job. Other duties may be performed, both major and minor, which are not mentioned below. Specific activities may change from time to time.

• Investigate and respond to known cyber threats identified through Truist's security incident and incident management program and execute on appropriate mitigation strategies for identified threats.
• Participate in the creation and maintenance of use cases for recurring investigation/incident triggers in support of the 24/7 Cyber Fusion Center.
• Establish and maintain playbooks used in response for investigation/incident triggers in support of 24/7 Cyber Fusion Center.
• Interface with other teams in Information Security (e.g. network operations, cyber threat intel, vulnerability management) along with information and liability risk officers and technology management to help guide cyber security investigations and incidents.
• Assist in ensuring all operations and maintenance activities are properly documented and updated as necessary.
• Participate in threat hunting activities to proactively search for threats in the enterprise environment.
• Position in located in Atlanta with 50% minimum on-site expectations in our downtown Cyber Fusion Center.

Required Qualifications:

The requirements listed below are representative of the knowledge, skill and/or ability required. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.

• Bachelor's degree in Information Technology or related field or equivalent education and related training
• Broad knowledge of general IT with a focus area in one or more of the following areas: operating systems, networking, computer programing, web development or database administration
• Demonstrated knowledge of cyber security concepts with a focus area in one or more of the following: attack surface management, Security Operations Center (SOC) operations, Intrusion Detection/Intrusion Prevention Systems (IDS/IPS), Security Information and Event Management (SIEM) use, threats (including Advanced Persistent Threat (APT), insider), vulnerabilities, and exploits; incident response, investigations and remediation
• Foundational knowledge of processes, procedures and methods to research, analyze and disseminate threat intelligence information

Preferred Qualifications:

• Two years of experience
• Industry certifications in general technology (e.g. Security+, Network+, CySA+, AWS Certified Cloud Practitioner, Microsoft Azure Fundamentals, etc.)
• Industry certifications in cyber security and forensics, such as Certified Ethical Hacker (CEH), GIAC Security Essentials (GSEC), Cisco Certified Network Associate (CCNA), GIAC Certified Intrusion Analyst (GCIA), GIAC Certified Incident Ha Industry certifications in general technology (e.g. Microsoft Certified Professional (MCP), Microsoft Certified Solutions Expert (MCSE), Network+)
• Security Operations Center (SOC) or Network Operations Center (NOC) experience and experience in the Intelligence Community (IC)

Truist supports a diverse workforce and is an Equal Opportunity Employer who does not discriminate against individuals on the basis of race, gender, color, religion, national origin, age, sexual orientation, gender identity, disability, veteran status or other classification protected by law. Drug Free Workplace.

EEO is the Law Pay Transparency Nondiscrimination Provision E-Verify