Are you interested in being part of an innovative team that supports Westinghouse’s mission to provide clean energy solutions? At Westinghouse, we recognize that our employees are our most valuable asset and we seek to identify, attract and recruit the most qualified talent while recognizing and encouraging the value of diversity in the global workplace.
If this sounds like an environment you would thrive in, we have an exciting opportunity for a Senior IT Security Response Lead Analyst in the Vulnerability & Incident Management group.
As a Senior IT Security Response Lead Analyst, you will provide reviews and investigate information security threats through manual processes and automated technologies.
The function's primary goals are to detect, identify and respond to information security threats in a timely manner to prevent unauthorized access to information and systems.
The Senior IT Security Response Lead Analyst acts as a subject matter expert on incident response technologies and processes, including threat detection and malware analysis.
Additional activities include reviewing ongoing and historical incident information to determine patterns and trends and identify new threats to Westinghouse; tuning and advising service providers of alert and condition changes; and coordinating incident response activities with multiple service providers to achieve 24x7 monitoring.
As the lead analyst, you will also be in charge of the overall Incident Response program's execution and provide key metrics and performance indicators for reporting to the business and our IT leadership.
As a successful candidate, you will bring the following to the team:
AA or AS degree in Computer Science, Information Systems, Cyber Security or related field.
5 years in incident response, security operations, or threat intelligence analysis.
8 years of information technology or information security experience.
Experience with network sniffers, system troubleshooting, computer forensics, and malware analysis.
Ability to design and implement cyber threat intelligence capabilities using commercial and open source solutions.
Understanding of system exploit techniques, network traffic obfuscation/covert channels, password cracking, and other attacks, and the associated tools and techniques that exploit them.
Experience with information security products, such as firewalls, proxies, netflow, and SIEMs.
Experience with IBM QRadar is preferred.
Experience collecting, analyzing, and interpreting technical and non-technical information from multiple sources.
Experience identifying and detecting complex threat actors.