Cyber Security Analyst
Area of Interest: Engineer - Network
What You'll Do
You will sustain and improve usage of network security tools to support CSIRT's security monitoring and incident response services. CSIRT deploys and supports network IDS, proxy-based malware filtering solutions, host intrusion prevention tools, log management and analysis, device syslog processing, and network traffic inspection tools. CSIRT develops custom integration tools for interfacing with Cisco infrastructure and security tools, and for conducting security investigations.
- You will set up and tune monitoring plays involving multiple security monitoring products and data feeds
- You will develop and tune documented processes for incident and alert handling
- You will mentor and train others on the team in how to properly handle incidents as well as critical issues
- You will manage schedules to ensure operational effectiveness & on-time delivery of all work consistent with documented requirements
In addition, you will be accountable for the following:
- Escalate to CSIRT investigators and external support teams to assist in analysis and event resolution.
- Document cases, procedures, analysis, and investigations accurately and thoroughly (including best-practice documentation).
- Inform higher-level priorities, improvements and problem resolutions to improve effectiveness of Cisco CSIRT & InfoSec.
- Constructively challenge and improve existing tools, processes and procedures.
- Assist CSIRT with continued enhancement of Cisco's security tools.
- Assume additional responsibilities as assigned.
Who You'll Work With
The CSIRT reduces the risk of loss as a result of security incidents for Cisco-owned businesses. We regularly engage in proactive threat assessment, mitigation planning, incident detection and response, incident trending with analysis, and security architecture.
Who You Are
Cisco Computer Security Incident Response Team (CSIRT) is looking for a full-time Information Security Analyst with confirmed experience in one or more of the following fields:
- Network administration
- System administration (Windows or Unix)
- IT security with a focus on computer forensics, incident response, malicious code/exploits, anti-virus, etc.
- Web application and script development
To be successful in this role, you should have the following qualifications:
- Degree in IT / CS / MIS / Information Security or equivalent operational experience, and familiarity with Windows exploits, malware and malicious code trends, and Splunk software.
- Demonstrate good customer service, communications, and troubleshooting skills. You are able and willing to follow process and demonstrate past examples, including case handling.
- You have working experience in a global support environment; experience working in a high-stress, high-pressure environment is a plus.
- Willing to work slightly off-hours including rotational on-call, conduct security event analysis, and provide coordination and primary response to security incidents
- Demonstrate interest and knowledge of security trends, especially hacking technologies including Trojans, viruses, and worms
- Demonstrate knowledge of TCP/IP and its application in securing systems and investigating security incidents
- Demonstrate clear experience with UNIX/Windows operating systems
You have a very strong interest in complex problem solving, ability to challenge assumptions, consider alternative perspectives, think adeptly and perform in high-stress situations, while operating exceedingly well in a strong, tight-knit, collaborative team environment.
At Cisco, each person brings their different talents to work as a team and make a difference.
Yes, our technology changes the way the world works, lives, plays and learns, but our edge comes from our people.
We connect everything – people, process, data and things – and we use those connections to change our world for the better.
We innovate everywhere - from launching a new era of networking that adapts, learns and protects, to building Cisco Services that accelerate businesses and business results. Our technology powers entertainment, retail, healthcare, education and more – from smart cities to your everyday devices.
We benefit everyone - We do all of this while striving for a culture that empowers every person to be the difference, at work and in our communities.
We are an equal opportunity employer and value diversity at our company. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status.