Cyber Intrusion Analyst Sr

Gulfstream Aerospace Corporation

Savannah, Georgia 31401
14/10 /2020
JOB ID: 156309 Specialty: Information Systems




Unique Skills:

Experience in the administration of information security services including firewalls, intrusion detection systems (IDS) / intrusion protection systems (IPS) preferred. Experience with network traffic analysis, related applications and operating systems used to identify potential threats, anomalous or malicious activities to network resources preferred. Experience with the following operating systems: Windows, OSX, iOS, Linux or UNIX preferred.

Education and Experience Requirements:

Bachelor's Degree or equivalent combination of education and experience to successfully perform the essential functions of the job. Degree in information security, Computer Sciences or Technology related field preferred. Seven (7) years of related experience.

Position Purpose:
The Cyber Intrusion Analyst Sr. will perform and supervise the Security Operations Center in monitoring and analysis of security systems data from multiple security components. The analyst participates in an incident response team and may be called upon to take a lead role during incidents. The analyst provides escalations to the Threat Response Team when appropriate and provides management with a clear picture of threats associated with Business Technology assets in a way that enables them to make well-informed decisions regarding threat management. This is achieved through the effective communication of information collected through various tools, analysis of event and incident reports utilizing both automated and manual methods

Principle Duties and Responsibilities:

Essential Functions: 14. Supervising and Training of junior team members of the Security Operations Center (SOC) team. 2. The analyst will perform monitoring and analysis of security systems data from multiple security components including firewalls, IPS, VPN, web filtering, SIEM systems, host based intrusion detection, email filtering etc. Monitor Intrusion Detection systems (IDS) Analyze security data to effectively detect intrusions & attempted intrusions and to initiate and engage the proper resources to mitigate the risk and validating (IDS) alerts. 3. Collecting and analyzing investigative information and data (e.g. internet history information, system logs, network traffic activity, encrypted or erased data) to identify signs or sources of compromise, poor security practices and unauthorized activities. 4. Proficient in the use of incident response methodology to assist and/or lead incident response team in addressing and managing the aftermath of a security breach or attack. 5. Maintaining procedures for preventing web abuse; guiding the administration of security tools that monitor web security. Conducting preliminary security investigations related to employee abuse of security policies. 6. Examining and analyzing network traffic, related applications and operating systems to identify potential threats, anomalous or malicious activities to network resources 7. Conducts preliminary forensic collections of electronic evidence including information system and network devices for legal, human resources, ethics, and information security. 8. Executes first-level incident responses following IR procedures. 9. Support of customers with security and general technology needs. 10. Maintaining and improving SOC documentation and reporting processes for cyber incident status and results. Developing, publishing, and reviewing audit logs, access control logs and incidents, providing reports and documents regarding network security incidents details and outcomes; assisting in troubleshooting problems and recommending vulnerability corrections.

Additional Functions: 1. Able to be on call for incidents and problems; also able to work different shifts. 2. Able to travel as needed. 3. Proficient in the use of incident response and forensics tools such as FTK, Encase, and Cellebrite. Perform other duties as assigned.

Other Requirements: 1. Must have an understanding of cyber forensics, networking, and information security technologies and be able to demonstrate outside-the-box thinking and continuous learning. 3. Security Certification such as CISSP, CEH, ACE, EnCE, CCE, Security+ etc. is required.
A credit history check from a national credit bureau will be conducted for all candidates for this position including new hires and current employees seeking promotion or transfer.

Additional Information

Requisition Number: 156309

Category: Information Systems

Percentage of Travel: Up to 25%

Shift: First

Employment Type: Full-time

Posting End Date: 10/30/2020

Equal Opportunity Employer/Veterans/Disabled.

Gulfstream does not provide work visa sponsorship for this position, unless the applicant is a currently sponsored Gulfstream employee.

Savannah, GA

Savannah, Georgia