Senior Associate, Information Security Analyst-Job ID P128079

This position will be a member of the Discover Security Intelligence and Incident Response Team. The primary responsibility of the position is to prepare for, coordinate, analyze, contain and mitigate security incidents. Analyst will perform planning and develop enhancements to the security incident response function, communicate with stakeholders, perform forensics and other in-depth technical analysis, ensure root cause is determined, achieve containment and ensure mitigation is done to prevent re-occurrence of similar incidents in the future.

Qualifications

SKILLS REQUIRED:
Candidate must be capable of handling highly sensitive data, stressful or high-profile situations in a professional manner
Candidate must possess exceptional verbal and written communication skills
Candidate must be capable of using diplomacy when dealing with other parties
Candidate must have the ability to follow policies and procedures and use common sense to make efficient and acceptable decisions whenever there is no clear direction
Candidate must have advanced understanding of at least several of the following: Internet infrastructure, network applications, services and protocols (FTP, SSH, TELNET, DNS, DHCP, SMTP, HTTP, HTTPS, etc.), security principles, threats, vulnerabilities and risks to information systems (IP Spoofing, sniffing, denial of service attacks, malware), cryptographic technologies, host system security issues
Candidate must have experience with at least one of the following technologies: networks, operating systems, security systems, and infrastructure or data analysis or data management systems
Candidate must be organized and detail-oriented
Candidate must have the ability to solve problems in new situations
College Degree and/or Six years of technical information security experience
Candidate must be willing to continue learning (education) and apply gained knowledge to work situations
Candidate must possess the ability to work independently when required but also able to function as part of a team

SKILLS DESIRED:
Candidate should have demonstrated experience working with information and network security practices
Candidate should possess the ability to brainstorm new ideas and develop solutions for identified problems and/or procedural efficiencies
Candidate should have knowledge of attack methodologies utilized by attackers
Candidate should have knowledge of detecting attacks from various threat vectors
Candidate should have experience responding to an alert, analyzing log data to determine if security events are security incidents
Candidate should have experience with performing response measures on security incidents
Candidate should have knowledge of data mining and analysis techniques
Candidate should have knowledge of forensics methodologies and experience performing forensics investigations
Candidate should have knowledge of malware analysis and experience performing reverse engineering
Candidate should have experience administrating various information systems (Operating Systems, Internet Infrastructure, networks, and security applications)
Candidate should have experience with writing scripting, regular expressions and/or modifying programming code
Candidate should have security-focused certification(s) such as: GSEC, Security+, GCIA, CEH or CISSP
Candidate should have knowledge of security and compliance frameworks and standards such as (ISO27000 series, NIST SP 800 series, PCI, GLBA, SOX, COBIT)
Candidate should have strong analytical and problem-solving skills
Candidate should be self-motivated candidate with a strong desire to learn new technologies
We are an Equal Opportunity Employer and do not discriminate against applicants due to race, ethnicity, gender, veteran status, or on the basis of disability or any other federal, state or local protected class.