Cybersecurity Analyst - Hybrid: San Francisco, CA
Job Description:
Duties and Responsibilities
As a member of the Information Security team, the Cybersecurity Analyst's role is to protect the Client from intrusions such as targeted threat actors, advanced/novel malware, hacking attempts, and other forms of cyber-attacks. Primary responsibilities will be developing threat intelligence, analyzing the Client's intrusion resistance, and leading efforts to automate, integrate, and aggregate the data and systems needed to make that analysis quickly and accurately.
Broad expertise in Information Security, strong analytical and interpersonal skills, and the ability to learn and grow in a rapidly evolving environment are required.
The Cybersecurity Analyst independently studies Internet traffic data from intelligence databases and ancillary sources in support of the Client's security goals, concerns and strategies. The Cybersecurity Analyst will use their understanding of Internet architecture and protocols, malware, packet structure and network vulnerabilities to proactively profile Internet activity, detect patterns and trends in intrusion techniques and practices, and identify the sources of intrusions.
The Cybersecurity Analyst prepares descriptive and predictive analyses and communicates the results, meaning and significance in the form of oral or written reports. They may participate in the evaluation of tools and creation of customized methodologies and applications.
What you'll do as a Cybersecurity Analyst:
- Assesses and tracks changes to the global threat landscape and assesses the impact and exposure to the Client and its customers. Recommends corrective measures based upon actionable intelligence.
- Provides timely and actionable communications, via written reports and/or oral presentations, to management to understand and address cybersecurity threats and trends.
- Researches and assesses external intelligence sources and makes recommendations to improve and augment intelligence gathering efforts.
- Acts as a subject matter expert to various internal groups on emerging threats.
Qualifications
You could be a great fit if you have:
- 4-year university degree or equivalent experience required.
- Proven analytical skills with an acute attention to detail and persistence.
- Excellent communication skills (verbal and written).
- Responses in email concerning incidents.
- Documentation of event or incident reports, vulnerabilities, and other technical information.
- Notifications and/or guidelines that are provided to the constituency.
- Internal development of Computer Security Incident Response Team (CSIRT) policies and procedures.
- Other external communications to staff, management, or other relevant parties.
- Strong networking knowledge.
- CCNA/CCNP certification desired; or equivalent of 5+ years of network engineering experience.
- Ability to understand network traffic (e.g. PCAP output)
- Understanding of Information Security practices and methodologies.
- Problem Solving
  - Determine the relevance of the data provided.
  - Identify what information is important, missing, or might be misleading or incorrect.
  - Decide on how to handle that data.
  - Knowing who else in the team they might contact or approach for additional information, creative ideas, or added technical insight.
  - Recognizing and seeking additional information from other resources (e.g., literature searches, past incidents that may involve similar activities, similarities in attack techniques or tools, other sources of information).
  - Verifying information through alternative approaches.