Cyber Security Analyst III
Company: Navy Federal Credit Union
Location: Pensacola
Posted on: May 16, 2022
Job Description:
YOUR LIFE'S MISSION: POSSIBLE
You have goals, dreams, hobbies and things you're passionate about.
What's Important to You Is Important to Us
We're looking for people who not only want to do meaningful,
challenging work, keep their skills sharp and move ahead, but who
also take time for the things that matter to them: friends, family
and passions. And we're looking for team members who are passionate
about our mission: making a difference in military members' and
their families' lives. Together, we can make it happen.
Don't take our word for it.
- Military Times 2021 Best for Vets Employers
- WayUp Top 100 Internship Programs
- Forbes - 2021 The Best Employers for New Grads
- Forbes - America's Best Employers
- Newsweek Top 100 Most Loved Workplaces
- 2021 People Companies that Care
- Fortune Best Workplaces for Women
- Fortune 100 Best Companies to Work For
- Fortune Best Workplaces for Millennials
- Computerworld - Best Places to Work in IT
Basic Purpose
To provide 3rd Tier Intermediate cybersecurity event detection and
threat analysis for complex events in cloud and hybrid
environments. To lead the analysis of Cyber event data and other
sources for indicators of cyber threat/attack and potential network
compromise. Collaborate in complex, sensitive incident response
activities applying knowledge of computer and network architecture
to provide analysis during investigations, identifying adversarial
activity and methods for future detection and prevention. Serve as
subject matter expert within Information Security to identify
threats within the Navy Federal environment through real time
analysis of logs and alerts.
Responsibilities
- Develop content for cyber defensive tools.
- Characterize and analyze network traffic to identify anomalous
activity and potential threats to network resources.
- Coordinate with enterprise-wide cyber defense staff to validate
network alerts.
- Perform event correlation using information gathered from a
variety of sources within the enterprise to gain situational
awareness and determine the effectiveness of an observed
attack.
- Perform security reviews and identify security gaps in hybrid
security architecture resulting in recommendations for inclusion in
the risk mitigation strategy.
- Receive and analyze network alerts from various sources within
the enterprise and determine possible causes of such alerts.
- Analyze identified malicious activity to determine weaknesses
exploited, exploitation methods, effects on system and
information.
- Determine tactics, techniques, and procedures (TTPs) for
intrusion sets.
- Examine network topologies to understand data flows through the
network.
- Monitor external data sources (e.g., cyber defense vendor
sites, Computer Emergency Response Teams, Security Focus) to
maintain currency of cyber defense threat condition and determine
which security issues may have an impact on the enterprise.
- Provide cybersecurity recommendations to leadership based on
significant threats and vulnerabilities.
- Work with stakeholders to resolve computer security incidents
and vulnerability compliance.
- Coordinate and provide expert technical support to
enterprise-wide cyber defense technicians to resolve cyber defense
incidents.
- Correlate incident data to identify specific vulnerabilities
and make recommendations that enable expeditious remediation.
- Perform analysis of log files from a variety of sources (e.g.,
individual host logs, network traffic logs, firewall logs, and
intrusion detection system [IDS] logs) to identify possible threats
to network security.
- Perform cyber defense incident triage, to include determining
scope, urgency, and potential impact, identifying the specific
vulnerability, and making recommendations that enable expeditious
remediation.
- Perform cyber defense trend analysis and reporting.
- Perform real-time cyber defense incident handling (e.g.,
forensic collections, intrusion correlation and tracking, threat
analysis, and direct system remediation) tasks to support Incident
Response Teams (IRTs).
- Employ approved defense-in-depth principles and practices
(e.g., defense-in-multiple places, layered defenses, security
robustness).
- Collect intrusion artifacts (e.g., source code, malware,
Trojans) and use discovered data to enable mitigation of potential
cyber defense incidents within the enterprise.
- Perform advanced security event detection and threat analysis
for complex and/or escalated security events
- Perform advanced intelligence analysis using analytical
tradecraft methods and forensic tools
- Provide log/network/malware/device analysis; make
recommendations for remediation of security vulnerability
conditions
- Provide independent critical thinking to diagnose and analyze
threat intelligence data; and make decisions on the most effective
response and remediation
- Leverage Open Source research, network, and host forensic
analysis, log review and correlation to support investigations
- Perform other duties as assigned
Qualifications
- Intermediate skill monitoring and analyzing logs and alerts
from a variety of different technologies, including IDS/IPS,
firewall, proxies, and anti-virus across multiple platforms
- Intermediate skill to develop specific expertise, discern
patterns of complex threat actor behavior, and communicate an
understanding of current and developing cyber threats
- Intermediate skill in cloud security event detection, threat
analysis of complex events, and content management
- Effective skill to leverage online research tools to identify
and navigate online forums, specialized Web sites, social media,
and traditional sources
- Experience in coordinating and responding to events on all of
the monitored networks and the systems on those networks
- Experience in collecting, analyzing, and interpreting
qualitative and quantitative data from multiple sources to document
results, analyze findings and provide business unit
intelligence
- Experience in incident response in hybrid models
- Intermediate experience in analyzing, correlating log events
for cloud technologies during complex investigations and to develop
detections
- Experience in analyzing security systems, and how changes in
conditions, operations, or the environment will affect these
outcomes.
- Experience in applying cybersecurity and privacy principles to
organizational requirements (relevant to confidentiality,
integrity, availability, authentication, non-repudiation).
- Intermediate knowledge of security architectures, devices,
proxies, and firewalls
- Intermediate knowledge of system and application security
threats and vulnerabilities (e.g., buffer overflow, mobile code,
cross-site scripting, Procedural Language/Structured Query Language
[PL/SQL] and injections, race conditions, covert channel, replay,
return-oriented attacks, malicious code).
- Outstanding verbal and written communication skills for
reporting complex technical situations to various audiences,
including executive leadership and nontechnical staff.
- Intermediate research, analytical, and problem solving
skills
- Intermediate skill presenting findings, conclusions,
alternatives and information clearly and concisely
- Intermediate skill working with all levels of management,
supervisors, stakeholders and vendors
- Required: Experience with Security Tools related to Enterprise
Log Management, IDP/IDS, Antivirus, Firewalls, Proxies, DLP,
Forensic Analysis, Malware analysis and SIEM
- Required: Experience in Cybersecurity analysis, incident
response, or a related field with increasing responsibility
- Desired: Intermediate skill in analyzing log events for cloud
technologies to facilitate development of cyber defense
detections
- Desired: AZ-900, AZ-140, AZ-500 or other related Cloud Security
certifications
- Desired: CySA+, CASP+, CISSP or other related Information
Security certifications
- Desired: Bachelor's degree in cybersecurity or related
discipline
- Desired: Intermediate skill in identifying gaps in technical
capabilities
- Desired: Intermediate knowledge of IT security standards and
frameworks (e.g., MITRE ATT&CK)
- Desired: Experience creating correlation content in a SIEM
tool
Hours: Monday - Friday, 8:00AM - 4:30PM (Shift Work required,
Evenings and/or weekends Required, Holidays required)
Location: 820 Follin Lane, Vienna VA 22180 - 5550 Heritage Oaks Dr
Pensacola, FL 32526 - Remote
- Navy Federal is now hybrid! Our standard enterprise requirement
for a hybrid schedule is to report onsite 4-16 days each month. The
number of days reporting onsite will ultimately be determined by
the employee's leadership and business unit needs. You will learn
more throughout the hiring and onboarding process.
Salary: Navy Federal Credit Union assesses market data to establish
salary ranges that enable us to remain competitive. You are paid
within the salary range, based on your experience, location and
market position.
Salary range: $83,100 to $142,000
Equal Employment Opportunity
Navy Federal values, celebrates, and enacts diversity in the workplace.
Navy Federal takes affirmative action to employ and advance in
employment qualified individuals with disabilities, disabled
veterans, Armed Forces service medal veterans, recently separated
veterans, and other protected veterans.
EOE/AA/M/F/Veteran/Disability
COVID-19 Vaccine Information
As a COVID-19 safety measure, our employees must either provide
proof of COVID-19 vaccination or follow additional safety
protocols, including testing.
Disclaimer
Navy Federal reserves the right to fill this role at a higher/lower
grade level based on business need. An assessment may be required
to compete for this position.
Bank Secrecy Act
Remains cognizant of and adheres to Navy Federal policies and
procedures, and regulations pertaining to the Bank Secrecy Act.
Employee Referrals
This position is eligible for the TalentQuest employee referral
program. If an employee referred you for this job, please apply
using the system-generated link that was sent to you.