Previous Job
IT Security Analyst
Ref No.: 18-05427
Location: RALEIGH/RTP, North Carolina

Role Summary:

Executive summary of the job's core purpose.
The primary purpose of the role is to contribute positively to the Cyber Threat Detection and Response program:
• deliver operational capabilities to rapidly and effectively identify, detect and respond to cyber security events, vulnerabilities, and threats targeting Client
• redefining and aligning the IT security strategy to future business objectives
• leverage industry good practice expertise to enhance the maturity of security services
• shape the future of detecting suspicious activities by privileged users
The candidate will also be tasked to recommend strategies to meet local and regional regulatory cyber security requirements, and to translate these requirements into specifications meaningful to senior management and stakeholders as well as Engineering.

The Role Involves:
Describe what the candidate will need to accomplish in the role.
The role will require strong cyber security background that sets the foundation for a close collaboration with Engineering, Operations units, peer Business Analysts and Subject Matter Experts as well as senior management and audit. This resource will focus on the Cyber Threat Detection and Response program. The candidate will manage and plan deliverables with project managers from TSS and provide guidance to engineers in automation and control streams:
• Design and architecture definition of a Security Information and Event Management (SIEM) solution with the Security Operation Centre (SOC) roles to professionalize the existing Splunk infrastructure to function as a fully operational SIEM
• Demonstrate a thorough understanding of complex information systems, cyber security concepts, cyber threats and market leading solutions
• Be at the forefront of «Cyber Thought Leadership» in response to market changes and new challenges faced today
• Advise on how to efficiently remediate vulnerabilities, manage IT risks and improve the overall cyber security posture and resiliency of Client
• Simplify existing processes and workflows of onboarding of sources to reduce overall costs of service without compromising security
• Understand and manage the effect of changes at the controls level (policies, regulatory requirements) and the technical level (infrastructure changes)
• Support Engineering to develop solutions; oversee overall delivery to meet quality and requirements of requestor

List qualifications, skills and certifications (bullets form recommended).

The role requires thought leadership, strong presentation and analysis skills, and the ability to interact with senior management:
• A minimum of 5+years of professional experience in a cyber security, information security or IT risk consulting role
• Good understanding of the value proposition that comes with technical product such as SPLUNK, Tripwire, Quaylys and Archer
• Experience in setting up global Security Operations Centers (SOC) as well as Security Information and Event Management (SIEM) capabilities
• Excellent business analysis skills, inclusive of the ability to communicate with senior management
• Ability to compress knowledge to an easily understandable level for circulation to a wide audience from outside the department
• Ability to lead, advise, and coordinate global workgroups
• Strong understanding of the threat landscape combine with problem solving skills to define counter-threat measures
• Hands-on experience in the following domains: cyber threat management, vulnerability management, access management, malware protection, ethical hacking and penetration testing
• Practical knowledge in applying information security standards (e.g. ISO 27001) and/or cyber security best practices (e.g. NIST Cybersecurity Framework).