Cybersecurity Analyst
Discover. A brighter future.
With us, you’ll do meaningful work from Day 1. Our collaborative culture is built on three core behaviors: We Play to Win, We Get Better Every Day & We Succeed Together. And we mean it — we want you to grow and make a difference at one of the world's leading digital banking and payments companies. We value what makes you unique so that you have an opportunity to shine.
Come build your future, while being the reason millions of people find a brighter financial future with Discover.
Job Description
The Discover Security Analytics & Incident Detection team is looking for new and qualified security analysts to join our ranks. Our team serves alongside other teams in Information Security as experts in the detection and analysis of all technology-related security incidents. We employ a multitude of enterprise-grade security solutions to achieve our goals. Our primary mission is the timely and accurate identification of incidents, mastery of the technologies and information we analyze, maintaining expert-level knowledge of detection tools and techniques, and proper escalation/hand-off of incidents for response and containment.
Were looking for talented, self-motivated professionals who have a strong passion for information security-- and a burning desire to learn. Were interested in people who enjoy being challenged on a daily basis to stay one step ahead of an ever-changing landscape of threats and adversaries. Were also looking for individuals that are interested in working both collaboratively and independently to hunt down and identify anomalous and malicious activity, wherever it may be. Whether you are a seasoned information security professional or new to the field, were looking for new team members to join us in guarding our enterprise as the last and ultimate line of defense
Responsibilities:
- Monitor events aggregated from a multitude of technologies to detect malicious activity. Perform detailed analysis using a variety of tools and techniques to investigate, navigate, correlate, and understand security incidents to the fullest extent of the data available.
- Ensure proper escalation and hand-off of security incidents for containment and remediation. Evaluate and implement tunes for rules, filters and policies for detection-related security technologies to improve accuracy and visibility. Review custom security detection logic to analyze and correlate information to produce meaningful, actionable results.
- Conduct data mining across log sources to uncover and investigate anomalous activity and items of interest. Review and maintain documentation of logic, rules, policies, and procedures.
- Identifies and evaluates potential vulnerabilities and drives the normalization, correlation, and integration of internal and subscription threat-intelligence source. Produces actionable intelligence in the form of reports, notifications, alerts, and briefings.
- Drafts mitigation and countermeasure strategies from collected threat intelligence. Recognizes security violations and takes appropriate action to report each incident, as required. Analyzes the organization's cyber defense procedures and configurations and evaluates compliance with regulations and organizational directives.
- Performs in-depth analysis of security issues and/or vulnerabilities. Ensures compliance to audit, regulatory, and legal requirements. Builds and maintains effective relationships with peers and internal business partners. Creates effective controls to address security concerns. Maintains metrics and new capabilities to ensure confidentiality, integrity, availability, authentication, and non-repudiation.
- Measures effectiveness of defense-in-depth architecture against known vulnerabilities. Engages in reporting risk remediation assurance and automation/integration initiatives and collaborates with stakeholders, at all levels, to ensure remediation is validated, risk is mitigated, and findings are fully closed/resolved.
- Maintains in-depth knowledge of security trends and threats. Identifies innovative opportunities for new security solutions and processes that are consistent with business goals and risk tolerance.
Basic Qualifications:
- H.S. Diploma or GED
Preferred Qualifications
- 2 + years of experience in Information Security, Computer Science, Data Analytics or related
- Bachelors Degree in Computer Science, Information Security or related
- Knowledge of (or a strong desire to learn) common networking services and protocols (TCP/IP, SSH, FTP, DNS, DHCP, SMTP, SSL, etc.)
- The desire to work both independently and collaboratively with a larger team
- A willingness to be challenged along with a strong appetite for learning
- The ability to work in a 24x7 shift-based operation
- The flexibility to adjust shift schedule based on the needs of the team
- 1-3 years of experience in Information Security, Incident Response, etc. (or related field)
- Prior experience detecting, analyzing and/or responding to security incidents
- Demonstrated ability to analyze and correlate information from a wide variety of enterprise technologies
- Hands-on experience with common security technologies (IDS, Firewall, SIEM, etc.)
- Knowledge of common security analysis tools & techniques
- Understanding of common security threats, attack vectors, vulnerabilities and exploits
- Knowledge of data science, data visualization, mathematics, and/or statistics
- Programming experience (Python, Perl, etc.)
- Knowledge of regular expressions
Certifications Desired:
- CompTIA Network+/Security+ or GIAC (Example: GCIH, GCIA, GSEC)
#LI-LJ1
What are you waiting for? Apply today!
The same way we treat our employees is how we treat all applicants – with respect. Discover Financial Services is an equal opportunity employer (EEO is the law). We thrive on diversity & inclusion. You will be treated fairly throughout our recruiting process and without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status in consideration for a career at Discover.