Regions Bank CyberSecurity Operations Center (SOC) Analyst in Hoover, Alabama
At Regions, our Cybersecurity Engineer is responsible for the day-to-day operation of our network- and/or host-based Intrusion Detection Systems/Intrusion Prevention Systems (IDS/IPS) platforms.
•Activities range in complexity from simple approvals (allowing safe software to be installed) to complex event analysis (reverse engineering malicious software or identifying traffic patterns for cyber attacks) and custom rule creation
•Reviews system logs and responds to security events for host-based incidents
•Analyzes incoming security incidents, performs deep packet inspection, and provides first responder actions to Fraud Response teams
This position is exempt from timekeeping requirements under the Fair Labor Standards Act and is not eligible for overtime pay.
•An Associate's degree in a related field
•Four years relevant security experience
GCIA, GCIH, CISSP and/or GCWN
•Bachelor's degree in Computer Science, Management Information Systems or directly related field
•GIAC Certified Intrusion Analyst (GCIA), GIAC Certified Incident Handler (GCIH), Certified Information Systems Security Professional (CISSP), GIAC Certified Windows Security Administrator (GCWN)
The Information Security Engineer/CyberSecurity Operations Center (SOC) Analyst will perform daily operational monitoring of events and alerts from multiple sources, including our Security Information and Event Management (SIEM) and IDS/IPS tools, malware prevention platforms, system logs, etc. The Analyst will investigate events and either remediate or escalate further. The ideal candidate will be a self-starter with a keen analytical mindset and a passion for investigation, problem solving, continuous learning, and self-improvement.
· Provide accurate and priority-driven analysis to detect, analyze, respond to and track security threats and vulnerabilities.
· Utilize information security and monitoring tools to gather the additional context needed to investigate events of interest.
· Coordinate with Business Units and Technology teams to assist with incident response, remediation, and recovery efforts.
· Keep accurate and concise records for all cases.
· Develop and maintain documentation, processes, procedures, and reports to improve the quality, consistency, effectiveness, and efficiency of SOC operations.
· Contribute to the continuous improvement and growth of the SOC and Information Security.
· Remain informed and improve awareness of Information Security news and developments, especially in relation to the banking and financial services industry.
· Continue to develop technical skills to expand knowledge and understanding of key Information Security controls.
· Self-starter with initiative and drive for continuous improvement.
· Must be a team-oriented individual who works well with others and places a premium on the group’s success.
· Demonstrate strong organizational, research, analytical and problem-solving skills to evaluate situations and respond appropriately.
· Familiarity with concepts related to security disciplines such as: malware analysis, computer forensics, cyber incident response, network intrusion detection, network traffic and packet analysis, penetration testing, vulnerability scanning, compliance, audit, or cyber threat intelligence.
· Possess a firm understanding of information security principles, controls, and technologies.
· Must possess excellent written and verbal communication skills.
· Bachelor's degree in Computer Science, Management Information Systems, or other technology-based discipline. *Experience may be substituted for some education.
· Three or more years of experience in Information Technology or Information Security. **Education may be substituted for some experience.
· One or more years of experience in Information Security.
· Experience with a diverse set of hardware, software, and operating systems.
· Subject matter expert (SME) in one or multiple areas such as Windows, UNIX, mainframe, firewalls, networking, intrusion detection, threat detection/analysis, or information risk management.
· Relevant information security certifications (such as CISSP, CISA, SANS/GIAC, Security+, etc.) are a plus.
· Experience with SIEM systems is a plus.
· Experience working in a Security Operations Center environment is a plus.
EEO / AA / Minorities / Females / Disabled / Veterans
Title: CyberSecurity Operations Center (SOC) Analyst
Requisition ID: 1611457