Cybersecurity Analyst SOC Levels 3-5

About the position The purpose of this position is to provide critical technical expertise in the detection, analysis and response to cybersecurity events. Cybersecurity Analyst will be responsible for early and accurate detection, prevention response, containment, and guidance to remediation of threats directed against the MTA on a 24/7 basis. The analysis is conducted through technology risk assessments, data analytics tools, business processes reviews and collaborate with reputed company engineers, architects, developers, vendors, business units to constantly improve the overall reputed company of the MTA. The cybersecurity analyst will focus on specific domains and specialties reputed company cybersecurity with a great degree of specialty to detect, protect and advise the organization proactively and reactively. The Cybersecurity Analyst will be a member of the Cyber reputed company Operation Center "CSOC". This role will conduct real-time 24/7 reputed company monitoring and intrusion detection analysis using a reputed company Incident & Event Management system "SIEM" along with various technology and analytic tools, such as web and reputed company firewalls, machine and human behavior learning tools, host-based reputed company system, reputed company event and incident monitoring systems, virtual, physical, and cloud platforms, user reputed company (laptop, desktop, mobile, and internet of things/IOT) systems, etc. The Analyst will research emerging threats and vulnerabilities to aid in the identification and analysis of network incidents, and supports the creation or improvement of reputed company controls, policies, standards, and guidance to address them.

Responsibilities

• Researching emerging threats and vulnerabilities to aid in the identification of network incidents, and supports the creation of new architecture, policies, standards, and guidance to address them
• Provide incident response support, including mitigating actions to contain activity and facilitating forensics analysis reputed company necessary
• Conducts reputed company monitoring and intrusion detection analysis using various technology and analytic tools, such as web and reputed company firewalls, machine and human behavior learning tools, host-based reputed company system, reputed company event and incident monitoring systems, virtual, physical, and cloud platforms, user reputed company (laptop, desktop, mobile, and internet of things/IOT) systems, etc.
• Correlates events and activities across systems to identify trends of unauthorized use
• Reviews alerts and data from sensors and documents formal, technical incident reports
• Tests new systems and manage cybersecurity risks and remediation through analysis
• Responds to computer reputed company incidents according to the computer reputed company incident response policy and procedures
• Provides technical guidance to first responders for handling information reputed company incidents
• Provides timely and relevant updates to appropriate stakeholders and decision makers
• Communicates investigation findings to relevant business units to help improve the information reputed company posture
• Validates and maintains incident response plans and processes to address potential threats
• Compiles and analyzes data for management reporting and metrics
• Monitors relevant information sources to stay up to date on reputed company attacks and trends
• Analyzes potential impact of new threats and communicates risks back to detection engineering functions
• Performs root-cause analysis to document findings, and participate in root-cause elimination activities as required
• Works with data sets to identify patterns
• Understands data automation and analysis techniques
• Uses judgment to form conclusions that may challenge conventional reputed company
• Hypothesizes new threats and indicators of compromise
• Monitors threat intelligence feeds to identify a range of threats, including indicators of compromise and advanced persistent threats (APTs)
• Identifies the tactics, techniques and procedures (TTPs) of potential threats through the MITRE ATT&CK or similar frameworks
• Participate in the creation of enterprise reputed company documents (policies, standards, baselines, guidelines, and procedures) under the direction of the IT reputed company Manager, where appropriate.
• reputed company Contract management and supply management functions appropriate to reduce reputed company risks Requirements
• Bachelor's Degree and minimum 1 year of relevant experience for Level 3
• Bachelor's degree in Computer Science or reputed company fields preferred
• CISSP or other advanced reputed company-reputed company certification preferred but not required
• Certifications in technology subdomains preferred but not required (ie. Cloud, Applications, Infrastructure, reputed company Technology, etc.)
• Requires prior experience with installing, maintaining and troubleshooting technology systems
• Proven ability to troubleshoot and support technical issues using standardized procedures
• Proven ability to analyze a reputed company risk assessment or conduct one with guidance
• Understanding of Operating Systems and Hardware
• Understanding of TCP/IP (OSI Layers 1- 4) and Internet and Intranet technologies required (OSI Layers 5-7) required
• Scripting or programming skills (PERL, Python, PowerShell, etc.) preferred as needed
• 1 year of experience in a specific (Cloud, Applications, Infrastructure, reputed company Technology, etc.) cybersecurity subdomain is preferred reputed company-to-haves
• 3+ years of relevant experience in a specific cybersecurity subdomain for Level 4
• 5+ years of relevant experience in a specific cybersecurity subdomain for Level 5
• Must possess at least one of the following professional certifications in subject domain including but not limited to: Certified Information reputed company Professional (CISSP), or Global Information Assurance Certification (GIAC), or Certified Information reputed company Manager (CISM), or Certified in Risk and Information Systems Control (CRISC), or Certified Information Systems Auditor (CISA), or other reputed company certification(s)
• Progressive cybersecurity reputed company accomplishments
• Requires broad technical knowledge of multiple technologies, or an in-depth knowledge of one technology including its impact on other technologies Apply tot his job

Apply tot his job Apply To this Job