Cyber Data Analytics Lead

Responsibilities Include:

• Work with Data Scientists to develop advanced analytic techniques for security analysis, including anomalies, intrusion detection, etc.
• Work with strategic partners to identify opportunities to further enhance cyber security using advanced security analytic techniques that preempt threats utilizing social, behavioral, geopolitical information, etc.
• Define and manage the process to onboard new systems into our security analytics portfolio.
• Lead creation of standard analytic dashboards for use by intelligence and operational teams.
• Work with information security personnel and application development teams to define and implement standards for access and activity logging to support our operations and security analytics practices.
• Define models that describe appropriate and inappropriate use of information systems.
• Maintain and enhance a framework for measuring risks associated with lack of visibility into system access and activity.
• Work with external partners – peer companies and security providers – to implement information sharing patterns and processes to identify shared threats and manage risks.
• Provide senior leadership teams with insight as information security transforms to implement a comprehensive data-driven, intelligence-based cyber security program.

Qualifications:

• Bachelor’s degree in Computer Information Systems, Management Information Systems or CISSP certification strongly preferred.
• Equivalent combination of education and experience will be considered. Candidates with no degree must have a minimum of 10 years relevant work experience.
• 5 -10 years of information security experience.
• Minimum 2 years experience of utilizing Machine Learning statistical analytics techniques for anomaly, intrusion detection, social and behavioral analysis, etc.
• Advanced knowledge of network security concepts, best practices, and procedures.
• Expert-level knowledge of security architectural designs, requirements development, and solutions definition.
• Expert-level knowledge of Security Information and Event Management (SIEM), log management, or threat monitoring systems.
• Strong working knowledge of system and application logging.
• Experience with Perl, R, Python, and the use of regular expressions.
• Experience in Information Security Incident Response, intrusion detection, and firewall technologies.
• Strong working knowledge of Windows Client/Server, Unix/Linux Systems, Mac OSX, and VMware.
• Strong working knowledge in cloud solutions and security (e.g. Infrastructure as a Service, Software as a Service).
• Knowledge of collaborative research tools (e.g. CRITs) and data exchange formats (e.g. TAXII, STIX).
• Experience working with data in NoSQL database platforms.
• Experience with building and designing useful and actionable dashboards.
• Expert-level understanding of all layers of the OSI Model.
• Ability to learn complex computing environments quickly.
• Broad understanding of all aspects of IT and enterprise systems interoperability.
• Experience managing and developing a team is preferred.
• Multinational enterprise is preferred.
• Excellent verbal and written communication, problem solving, and analytical skills, including the ability to produce usable and maintainable documentation.
• Ability to learn quickly and adapt to changing environment.
• Ability to communicate with both technical and non-technical personnel.
• Time management skills with proven ability to effectively coordinate multiple tasks under pressure.
• On-call support may be required as Tier 3 support. Some off-hours work to be performed.

What are the 3-4 non-negotiable requirements on this position?

• Bachelor’s degree in Computer Information Systems, Management Information Systems or CISSP certification strongly preferred. Equivalent combination of education and experience will be considered. Candidates with no degree must have a minimum of 10 years relevant work experience.
• 5 – 10 years of information security experience. Minimum 2 years experience of utilizing Machine Learning statistical analytics techniques for anomaly, intrusion detection, social and behavioral analysis, etc.
• Advanced knowledge of network security concepts, best practices, and procedures. Expert-level knowledge of security architectural designs, requirements development, and solutions definition. Expert-level knowledge of Security Information and Event Management (SIEM), log management, or threat monitoring systems.