Cyber Intrusion Analyst

The Cyber Intrusion Analyst II within the Monitoring and Response team contributes to a variety of global enterprise information security services in support of the Chief Security Officer. The Cyber Intrusion Analyst II will have demonstrated in past roles the ability to work effectively with limited supervision on security related tasks and projects, drive results, and build positive relationships with coworkers and meet program objectives. This individual will have a key role in leading one or more of the following enterprise security services: • Cybersecurity Monitoring & Analysis
• Cybersecurity Incident Response
• Investigations & Data Forensics
• Insider Threat & Threat Intelligence
• Cybersecurity Automation and Development
• Cloud Security The incumbent will play a strong role in daily operations pertaining to the correlation, identification, and analysis of indicators of malicious or inappropriate activity. This individual should have a solid but developing technical experience performing intrusion detection, log analysis, and vulnerability management. This role will perform operational roles in support of enterprise vulnerability management, penetration testing, and forensics as part of the Asurion Cyber Command Center (C3). The analyst will also have an expectation of delivering capability and functionality within the Asurion cloud space. The Cyber Intrusion Analyst II will have a high level of collaboration with other Analysts and extensive involvement with our IT Operations, Application Development, and Cloud Governance organizations. The ideal candidate will have a strong interest in complex problem solving, ability to challenge assumptions and consider alternative perspectives, think quickly and perform in high-stress situations, and operate well in a strong team environment.

Cyber Intrusion Analyst II, Cyber Command Center

The Cyber Intrusion Analyst II within the Monitoring and Response team contributes to a variety of global enterprise information security services in support of the Chief Security Officer. The Cyber Intrusion Analyst II will have demonstrated in past roles the ability to work effectively with limited supervision on security related tasks and projects, drive results, and build positive relationships with coworkers and meet program objectives. This individual will have a key role in leading one or more of the following enterprise security services:

• Cybersecurity Monitoring & Analysis
• Cybersecurity Incident Response
• Investigations & Data Forensics
• Insider Threat & Threat Intelligence
• Cybersecurity Automation and Development

• Cloud Security

The incumbent will play a strong role in daily operations pertaining to the correlation, identification, and analysis of indicators of malicious or inappropriate activity. This individual should have a solid but developing technical experience performing intrusion detection, log analysis, and vulnerability management. This role will perform operational roles in support of enterprise vulnerability management, penetration testing, and forensics as part of the Asurion Cyber Command Center (C3).The analyst will also have an expectation of delivering capability and functionality within the Asurion cloud space.

The Cyber Intrusion Analyst II will have a high level of collaboration with other Analysts and extensive involvement with our IT Operations, Application Development, and Cloud Governance organizations. The ideal candidate will have a strong interest in complex problem solving, ability to challenge assumptions and consider alternative perspectives, think quickly and perform in high-stress situations, and operate well in a strong team environment.

Responsibilities:

• Operates and monitors network intrusion detection and prevention sensors and other information security monitoring infrastructure.
• Collects, assesses, and reports upon relevant threat intelligence / actionable security information and appropriately modifies tactical operations
• Performs analysis and response to Tier I & II security relevant alerts and events
• Assesses network traffic patterns and session data for indicators of malicious activity with assistance
• Plays a strong supporting role in prompt and effective response to information security incidents
• Performs operational assessment, prioritization, and remediation of enterprise vulnerabilities and exposures
• Generates, edits, and delivers reports derived from security tools and GSOC activities
• Support of forensic investigations and penetration testing activity
• Supports the automation and improvement of the overall cloud security posture at Asurion
• Assists with executing remediation plans for any gaps reported in audits or recommended process improvements that effect core information security services
• Updates job knowledge by tracking and understanding emerging security practices and standards; participating in educational opportunities; reading professional publications; maintaining professional networks; participating in professional organizations
• Performs other related duties as assigned.

Requirements :

• BA or BS in Computer Science, Management Information Systems, or related field desirable, practical experience plus education and certifications may be considered.
• MS in Computer Science, Information Systems, or a related field, desired.
• Ideally, three or more years of progressive experience in computing and information security, including experience with Internet technology, security technology, issue resolution and leading teams in a cross functional, global setting.
• CISSP, GSEC, GCIA, GCIH, GCFA, EnCE or other security related certifications desired.
• Solid understanding of core network protocols (TCP/IP, ICMP, DHCP, DNS, etc)
• Familiarity needed with several key security technologies: SEIM Tools (Splunk, ArcSight, LogLogic), Network Intrusion Detection / Prevention Tools, DLP packages, Host IDS, AV & EDR and endpoint management, network anti-malware (FireEye, Palo Alto), Forensic tools (EnCase, FTK, etc).
• Familiarity with common OOP languages desirable (Python, Java, C#, etc.)
• Strong analytical and problem-solving skills are necessary.
• The ability to operate under ambiguous circumstances, address uncomfortable issues and leverage data to make informed decisions.
• Excellent communication (oral, written, presentation), interpersonal and consultative skills are required.

This position requires some weekend and evening assignments as well as availability during off-hours for participation in scheduled and unscheduled activities.

For two decades, Asurion has led the technology protection industry around the globe. The Company provides premier support solutions to enable optimum use of technology; digital applications to protect their privacy and provide security; and rapid replacement of lost, stolen, damaged or malfunctioning devices. Asurion partners with the leading wireless companies, retailers and service providers enabling them to focus on their businesses and to provide services that delight their customers. Asurion's 16,000+ employees worldwide specialize in fulfilling the needs of more than 280 million consumers.

We value open-source technologies, solve challenging and unique problems, and innovate quickly. We embrace continuous delivery and Lean Startup principles. We encourage creativity from our architects and engineers every step of the way, working with various teams including product, user experience, call center operations, mobile and systems. Our teams are small enough to make fast decisions, yet our audience is large enough that our work makes a tremendous impact.