Career level

Entry (0-2 years), Middle (2-5 years), Senior (5-10 years)

Spoken languages

English

Job Address(es)


SECURITY ANALYST/MALWARE INCIDENT HANDLER - GLOBAL IT, RISK MANAGEMENT

 

As part of Global IT’s Threat & Vulnerability Management team within Risk Management, you will be part of a global Malware Incident Response team identifying security events and coordinating the response for the relevant technical support groups, businesses at risk and service recovery teams. As a member of this fast-paced team, you will execute controls to protect the infrastructure and employees against internal and external malicious attacks and infiltration.

 

The security analyst is responsible for monitoring and helping maintain the security posture of the Global IT environment. These responsibilities include performing vulnerability scanning, analysing data in order to identify computer attacks and malware infections, responding to security incidents, documentation, analytical investigation and recommending proactive security threat countermeasures. Using cutting-edge network behaviour and anomaly detection tools, the analyst will examine, identify, and understand the nature of cyber-threats such as viruses, worms, bots, rootkits and Trojan horses. In addition, it may be necessary to work directly with employees to collect, analyse and submit virus samples to our vendors, help remediate malware infections and prevent further damage. The analyst will be expected to participate in security project tasks on an as-needed basis, and interact directly with Security organisations and multiple Lines of Business globally.

 

Responsibilities:

•  Work directly with end users to identify, isolate and remediate malware on the end-points.

•  Analyze malware using reverse engineering and forensic tools.

•  Identify, analyze, and document malicious network or system activity and determine sophistication, priority, and threat level of computer security related attacks.

•  Key contributor in various facets of incident response including notification, escalation response and post incident review.

•  Experience managing, responding to and resolving situations caused by malicious attacks.

•  Ability to analyze information to identify network threats such as scans, computer viruses or complex attacks.

•  Perform analysis on logs, traffic flows, and other activities to identify malicious activity.

•  Enhance existing incident response methods, tools and processes which provide the organization value by reducing risk.

•  Contribute towards improving incident response delivery by leveraging lessons learned.

 

Qualifications:

•  Five years IT experience which includes networking and end-point security suites, plus 2 years of IT Security experience preferred.

•  Understanding of malware infection vectors, identification and remediation techniques.

•  Experience in security aspects of multiple platforms, operating systems, software, communications and network protocols or an equivalent combination of education and work experience.

•  Understanding of networking protocols and infrastructure designs; including routing, firewall functionality, host and network intrusion detection systems, encryption, load balancing, and other network infrastructure.

•  Security processes and technologies including threat analysis, security monitoring and security technologies like IDS/IPS, DDoS prevention technologies.

•  Experience in following incident response procedures and standards, strong communication skills and ability to articulate events to senior management.

•  Malware identification, analysis, reverse engineering and disk forensics.

•  Excellent communication skills, analytical ability, strong judgment and leadership skills, and the ability to work effectively with IT management and staff.

•  Dedicated, self-driven desire to research the current information security landscape and threats.

•  Vulnerability scanners and SIEM experience a plus.

•  Network behavior and anomaly detection experience a plus.

 

Certifications:

•  Certified Information Systems Security Professional (CISSP) certified/qualified or ability to actively work towards obtaining certification.

•  GIAC Certified Incident Handler (GCIH) or demonstrated skills and ability to obtain certification.

•  Certified Ethical Hacker (CEH) or demonstrated skills and ability to obtain certification.