Associate, Security Monitoring Analyst-CIB – 2003787


Description

The Security Monitoring Analyst role is part of the Santander US Cybersecurity Fusion Center's first line of defense in protecting Santander information systems from internal and external threats, and reports to the Cybersecurity Monitoring Director. Individuals in this role will work closely with the Cybersecurity Incident Response teams and Security Technology Admins to fulfill and develop a comprehensive monitoring and investigations capability. The position will be responsible for monitoring security tools to support security event handling, supporting operational efforts around automating detective controls (sources: Intel, Response, Hunt Research), and ensuring real-time detection and monitoring capability enhancements to respond to evolving threats. Candidates will be required to communicate pertinent information throughout the information security teams. Ideal candidates should have demonstrable experience with industry-standard operating systems as well as knowledge of networking and cyber-attack methods. Must display enthusiasm for and interest in Information Security.

Responsibilities:

  • Monitor for and detect security events from SIEM, log collection engines and other security technologies, such as Splunk
  • Perform investigations using various security monitoring technologies (e.g. IDS/IPS, DLP)
  • Review alerts escalated by end users
  • Perform initial triage of incoming issues (assessing the priority of the event, making an initial determination of the event's risk and damage, or routing security or privacy data requests appropriately)
  • Monitoring of health alerts and downstream dependencies
  • Provide limited response to end users for low complexity security events
  • Review and take a proactive approach to false positives, and work with the various Security teams to tune alerts and provide feedback to improve their accuracy
  • Document and investigate security events and response, and notify the appropriate contact
  • Take an active part in the resolution of events, even after they are escalated
  • Must participate in an on-call schedule

At Santander, we value and respect differences in our workforce and strive to increase the diversity of our teams. We encourage everyone to apply.


Qualifications:

  • Bachelor’s Degree in Computer Science or equivalent major, or equivalent work experience
  • One (1) year of experience in Information Security Operations or two (2) years of experience in Information Technology Operations & Support
  • Ability to demonstrate understanding of Security investigations process and procedures
  • Ability to demonstrate technical experience working with enterprise security technologies like SIEM, antivirus/malware, IDS, WAF, DDoS mitigation platforms.
  • General network knowledge, TCP/IP, Internet Routing, UNIX / LINUX & Windows NT
  • Understanding of common network services (web, mail, DNS, authentication)
  • General Desktop OS and Server OS knowledge
  • Demonstrate ability to work with an Incident Management Tool (RSA Archer, ServiceNow).
  • Demonstrate excellent communication and organizational skills.
  • Demonstrate experience in Windows/Unix scripting languages such as Bash, Python, regex, PowerShell, etc.

Preferred Training, Qualifications, and Certifications:

  • Security+
  • CEH: Certified Ethical Hacker
  • SEC401: Security Essentials
  • SEC511: Continuous Monitoring and Security Operations
  • GCIA: GIAC Certified Intrusion Analyst
  • GCIH: GIAC Certified Incident Handler

Job: Information Security

Primary Location: New Jersey-Holmdel-101 Crawfords Corner Road – 06368 – Bell Works

Organization: SIS Technology (SIS_0052)

Schedule: Full-time

Job Posting: Nov 10, 2020, 1:50:59 PM
