Sr. Cyber Intelligence Analyst at UPS
Posted in Transportation 30+ days ago.
Location: Louisville, Kentucky
Job Description:
Sr. Cyber Intelligence Analyst
We’re the obstacle overcomers, the problem get-arounders. From figuring it out to getting it done… our innovative culture demands “yes and how!” We are UPS. We are the United Problem Solvers.
About Information Security at UPS Technology:
Our top-notch Information Security team quickly finds and responds to real-time threats. These critical thinkers have a hunger to keep ahead of new exploits and security trends. They protect the vast trove of valuable data that passes through our servers each day. As a part of UPS InfoSec, you’ll continue to uphold our reputation for integrity in this growing and ever-changing field.
About this role:
The Senior Cyber Intelligence Analyst engages in the identification, tracking, monitoring, containment and mitigation of information security threats. He/She performs quality assurance functions to validate that existing methods of research are successful in identifying and documenting security incidents. This position defines procedures for analysis and makes adjustments as technologies and methodologies advance. The Senior Cyber Intelligence Analyst assesses, prioritizes and takes action on requests that improve existing Security Operation Center (SOC) tools and procedures. He/She partners with management to coordinate security incident response efforts to communicate information, drive resource actions and decisions, provide recommendations, and ensure resolution.
The Senior Information Security Analyst identifies, investigates, analyzes, and remediates information security events to ensure enterprise integrity against technical risks. This position primarily focuses on using SIEM and other security tools to continuously analyze event data, develop and adjust alerting, and assist in defining response protocols. This position performs real-time log analysis to provide network and data security, utilizing established processes and tools to focus on incident response, threat identification, analysis, containment and remediation.
- Reviews and analyzes security events, determines their severity, and authors reports detailing the activity
- Analyzes and adjusts event alerting levels in line with UPS risk tolerance
- Defines incident response protocols for 1st level SOC Analysts
- Recommends and, with management approval, implements new or revised methods of detection and containment based on the analysis performed
- Acts as the direct point of contact for Information Security to UPS Operations Command Center (OCC) staff responding to computer security events as directed during core work hours and potentially on-call, after hours, as part of rotational support
- Provides timely follow-up to stakeholders as appropriate and keeps management informed of changes in status during issue resolution
- Assists 1st level SOC Analysts in performing real-time security log and event analysis and incident response duties when needed
- 2 to 3 years as Security Operations Center (SOC) Analyst including Incident Response and Handling roles
- Experience with Q1 Labs QRadar
- Significant experience with Linux, TCP/IP, UNIX, MS-Windows, IP Routing, Firewalls and IPS
- Demonstrated expertise with regular expressions, database structure and queries
- Expert knowledge of network services, vulnerabilities and attacks
- Expert knowledge of computer, application and network exploits and vulnerabilities
- Bachelor's degree in Computer Science or equivalent.
- GIAC Certified Incident Handler (GCIH) preferred.
This position offers an exceptional opportunity to work for a Fortune 50 industry leader. If you are selected, you will join our dynamic technology team in making a difference to our business and customers. Do you think you have what it takes? Prove it! At UPS, ambition knows no time zone.