Qureos

Cyber Security Analyst

Doha, Qatar

JOB PURPOSE:

The Cyber Security Analyst creates a comprehensive program for establishing a healthcare carrier-class Security Operations Center. S/he develops and maintains threat monitoring and security incident response procedures within Naufar. The analyst designs frameworks, procedures, and toolkits to enhance capabilities in professional forensic collection and digital evidence analysis. S/he also develops dashboards for reporting the organization's threat landscape, awareness and security posture to senior management. This is an expert role with the roles and responsibilities described below.


Description

  • Develops and implements a cyber security program to enhance Naufar's capabilities in cyber attack incident monitoring, incident response, and intrusive and non-intrusive forensics.
  • Develops and matures the service capabilities of the SOC, such as Forensics, Threat Management, Penetration Assessments, and Tool Management.
  • Develops, contributes to and maintains the cyber security strategy.
  • Implements, configures and maintains security controls and processes to ensure threat indicators are rated by severity and responded to in a manner consistent with the threat.
  • Identifies deficiencies and recommends corrective action to strengthen information security controls and decrease the risk of data breach.
  • Maintains and updates standard operation policies and procedures for incident response plans, e-discovery processing, remote acquisition/analysis tools, collections and forensic analysis techniques.
  • Maintains industry standard tools and processes used for forensic analysis and eDiscovery collections and processes.
  • Monitors security alerts for potential events/incidents, performs trending and historical analysis, ensures all incident reports are complete and written within standard operations, and ensures ticket audits and reviews are completed.
  • Utilizes leading forensic software to identify, collect, preserve and analyze electronic data from laptops, desktops, servers, email archives, infrastructure logs, network file servers, backup tapes, cell phones, PDAs and a wide variety of other media devices.
  • Manages requests for electronic data and digital forensic investigations that relate to Litigation, Regulatory matters, Compliance, and Employee Investigations.
  • Performs cybersecurity incident analysis and assists with incident response, including analysis of network content and metadata for investigations or malware detection, and identifies the cause and extent of a breach.
  • Serves as a subject matter expert and technical advisor in matters relating to the proper collection, preservation, packaging, and submission of digital and multimedia evidence.
  • Participates in incident electronic evidence collection activities in major field investigations. Ensures evidence handling requirements are met.
  • Performs post-incident reporting according to standard operations.
  • Analyzes the tools and methodology used for investigation and presents improvements in controls and corrective actions, if any.
  • Escalates and works with senior management on resolutions to overdue security items or any negative trends identified.
  • Develops focused reporting and briefings for advanced cyber threats.
  • Conducts studies and research for improving forensic analyses, scientific methods, and resolving forensic examination problems.
  • Creates detailed, professional documentation and reports, including performance metrics and presentations for management.
  • Leads or contributes to key projects related to corporate threat monitoring, forensics or information security initiatives.
  • Facilitates group risk assessment activities and identifies any security-related process improvement opportunities.
  • Monitors and performs trending on root cause analysis activities within the assigned group and participates as needed to resolve clinical systems security-related incidents.
  • Assists in monitoring compliance with information security policies, standards and enterprise-wide strategy, and facilitates threat and vulnerability evaluations on a regular basis. Measures and reports on the effectiveness of information security controls.
  • Supports the security initiatives, corrective and preventative actions, and security measures by ensuring timely updates and escalating concerns and non-compliances.
  • Understands and maintains the appropriate knowledge of security technologies (Firewall, Anti-Virus, Email and Web Encryption, HIPS, NIPS, SIEM, WAF, DLP), security procedures, and services within Naufar IT Security, and ensures all tools are functioning properly.
  • Keeps up to date on changes to significant regulatory and applicable standards issued by internal or external agencies, as applicable to Naufar’s domain.
  • Adheres to Naufar’s standards as they appear in the Code of Conduct and Conflict of Interest policies.


Academic Qualifications:

  • Bachelor’s degree – IT – Mandatory
  • Master’s degree – Cybersecurity – Desired


Experience Requirements:

  • 8+ years of experience working as a security analyst or SME within a Security Operations Center, with exposure to cyber security collection, analysis and threat management, investigation and digital forensics.
  • Demonstrated experience in threat detection and analysis, incident response, and reporting.
  • Demonstrated experience with incident response, deep dive forensics, insider threat, cyber and data exfiltration incidents.
  • Demonstrated experience conducting assessments, digital forensic investigations, vulnerability management and incident response.
  • Demonstrated experience with current cyber threats and the associated tactics, techniques, and procedures used to infiltrate computer networks.
  • Demonstrated experience with SIEM products in the detection, response, mitigation, and/or reporting of cyber threats.
  • Demonstrated experience in the use of forensic tools (e.g. FTK, EnCase, Forensic Toolkit, X-Ways, Linux-based tools, etc.).
  • Experience with the following regulations and frameworks (or equivalent): PCI, HIPAA, and ISO/IEC 2700x.
