LEAD SECURITY ANALYST COVER LETTER TEMPLATE

• Configure and manage tools to monitor network, systems, and access activity and analyze reports from those tools to identify unusual behavior
• Proactively identify network vulnerabilities through penetration testing, vulnerability scans and vulnerability assessment reports, and configuration audits
• Coordinate and assist in the application of security patches based on severity and sensitivity scores
• Daily monitoring of security events and coordination of remedial actions
• Defend systems against unauthorized access, modification and/or destruction
• Configure and support security tools such as firewalls, EDR software and patch management systems
• Plan and recommend procedural changes to optimize the security posture of the organization
• Guide security best practices to the back-office technologies team
• Implement and maintain network security policies, application security, access control, and corporate data safeguards
• Developing and updating business continuity and disaster recovery protocols
• Develop security playbooks and incident response training scenarios

Skills: Network Monitoring, Vulnerability Assessment, Patch Coordination, Security Event Monitoring, System Defense, Security Tool Management, Policy Implementation, Incident Playbooks

• Lead various security audits including data compliance
• Lead forensic investigations of compromised devices
• Provide technical administration and coordination with partner organisations
• Provide Subject Matter expertise (SME) to the support team regarding back-office systems and technologies
• Training fellow employees in security awareness and procedures
• Mentor and assist team members in the Client Technologies team with issues related to cybersecurity
• Exercise resourcefulness in determining the cause of problems through acquired knowledge and expertise, assistance from other IT support staff, and an in-depth understanding of problem-solving skills
• Maintain effective lines of communication with other IT groups and work with these groups to ensure unresolved problems are handled expediently, problem trends are identified, and root causes are eliminated
• Provide innovative ideas and suggestions on ways to improve existing back-office technologies, processes and procedures
• Adhere to all documented and formalized policies and procedures
• Promote the use of corporate standard hardware and software to ensure legality and information security

Skills: Security Auditing, Forensic Investigation, Technical Coordination, SME Support, Security Training, Team Mentoring, Problem Solving, Process Improvement

• Collaborate with solutions teams and architect functions to recommend common frameworks and implement designs for protecting data and mitigating technical and non-technical threats
• Triage security alerts and logs
• Analyze the validity of alerts and gather additional context
• Use available tools to perform additional investigation
• Review process and procedure used by security operations and drive continuous improvement in collaboration with the Process Center of Excellence
• Ensure complete use of the incident lifecycle from detection through remediation
• Recommend and implement or influence the implementation of improvements to detection, investigation and response
• Research common tactics used by threat actors and tune defenses accordingly to prevent attacks
• Participate in working groups with internal and third-party security operations teams to create new ideas for proactive defense

Skills: Security Architecture, Alert Triage, Alert Analysis, Threat Investigation, Process Improvement, Incident Lifecycle Management, Detection Enhancement, Proactive Defense

• Key success metrics include mean-time-to respond, process adherence, and number of recurring incidents
• Acts as a key participant in critical security incident response (IR) and/or data breach (DBIR) response, and can lead response as a security incident manager (SIM)
• Maintain the system health, configuration and tuning of technical security controls for both on-premises and cloud-based assets
• Perform threat analysis and recommend remediation steps to resolve complex incidents and events detected by security tool sets
• Maintain technical configuration to support the CEI Information Security Policy and Controls Framework
• Inform security architecture review and annual budget planning with operational data and threat metrics for all security tools and platforms
• Comply with standard processes, procedures, and service level expectations for ticket handling
• Maintain working knowledge of advanced threat detection as the industry evolves

Skills: Incident Response Management, Security Control Tuning, Threat Analysis, Incident Remediation, Policy Compliance, Security Architecture Input, Ticket Handling, Threat Detection Knowledge

• Researching and understanding Cybersecurity threats, threat actors, trends in adversary activities, attack vectors and Tactics, Techniques and Procedures (TTPs)
• Using threat modeling and attack frameworks to develop advanced detection mechanisms for a variety of security tools and technologies to identify, detect and respond to malicious activity
• Leveraging intelligence derived from Threat Hunting to improve overall Security Operations, tool visibility, threat awareness, and detection and response
• Driving the implementation and consistent operation of the Threat Hunting program
• Leading security program improvements and efficiencies across security technologies, processes, and services
• Optimizing security tools deployment and introducing scalable security services
• Building and coordinating plans for the transition and integration of an acquired company’s security operations, tools, services, and processes
• Continually building automation and tooling capabilities for the deployment and management of internal security services
• Driving continuous improvement of the acquisition security integration playbook
• Proactively search for Threats to prevent or minimize Cybersecurity attacks
• Interpret and analyze data from multiple sources, providing key analytics
• Document findings in an easy-to-read format

Skills: Threat Research, Detection Engineering, Threat Hunting, Security Optimization, Security Integration, Automation Development, Threat Prevention, Data Analysis

• Ability to conduct investigations in a lead capacity and report findings to leadership
• Knowledge of cyber threats and vulnerabilities
• Knowledge of adversarial tactics, techniques, and procedures
• Knowledge of incident response and handling methodologies
• Knowledge of risk management processes (e.g., methods for assessing and mitigating risk)
• Knowledge of IT architecture and operations (computing, network, storage and cloud)
• Knowledge of security control technologies
• Experience partnering with auditors and regulators
• Working experience in a cybersecurity operations or analytics function
• Working experience in a cybersecurity skill role, such as Incident Response, SOC Tier 3 Analyst, Threat Hunter, Penetration Testing, etc.
• Must have Technical security certifications
• Working experience in Financial Services 
• Software development and/or scripting experience such as Python, PowerShell, etc.

Qualifications: BS in Computer Science with 7 years of Experience

• Working experience in IT or network security 
• In-depth knowledge and understanding of information risk concepts and principles, as a means of relating business needs to security controls
• Knowledge of and experience in developing and documenting security architecture and plans, including strategic, tactical and project plans
• Experience with common information security management frameworks, such as ITIL, CoBIT, and NIST frameworks
• Knowledge of the fundamentals of project management, and experience with creating and managing project plans, including budgeting and resource allocation
• In-depth knowledge of risk assessment methods and technologies
• Proficiency in performing risk, business impact, control and vulnerability assessments
• Excellent technical knowledge of mainstream operating systems, especially Microsoft Windows and Linux and a wide range of security technologies
• Experience in developing, documenting and maintaining security policies, processes, procedures and standards
• Knowledge of network infrastructure, including routers, switches, firewalls, and the associated network protocols and concepts
• Working experience in Audit, compliance or governance
• Strong analytical skills to analyze security requirements and relate them to appropriate security controls
• Ability to interact with personnel at all levels and across all business units and organizations, and to comprehend business imperatives

Qualifications: BS in Information Security with 8 years of Experience

• Strong communication and written skills, independent problem-solving abilities and self- direction
• Knowledge of network security and information security concepts
• Ability to facilitate cross-functional teams to implement security controls and initiatives
• Demonstrable commitment to promoting and enhancing diversity
• Previous experience in a Security Operations Center
• Experience with information security
• Working knowledge of requirements for organizational compliance with multiple laws, regulations, and standards such as the NIST Cybersecurity Framework, PCI-DSS, FISMA, GLBA, and FERPA
• Strong technical understanding of a broad range of security concepts and countermeasures including workstation security, perimeter security, account management, application security, cryptography, and network security
• Experience with Intrusion Detection and/or Prevention Systems, Security Event and Incident Management Systems, and other Vulnerability and Assessment Tools
• Knowledge of Computer Forensic Practice, including evidence collection and preservation
• Proficiency with computer programming

Qualifications: BS in Cybersecurity with 6 years of Experience

• Ability to comprehensively support tasks and provide SME-level guidance to the team
• In-depth and/or expert knowledge of SAP, SCI, and Collateral security requirements
• Must be capable of incorporating security policies and procedures
• Ability to interpret and apply the guidance of Executive Orders, Public Laws, Intelligence Community Directive (ICD) series, DOE Orders and Directives, National Industrial Security Program Operating Manual (NISPOM), and DoD Special Access Program Security Manuals 5205.07 Volumes 1-4
• Proficient in Microsoft Office (i.e., Word, PowerPoint, Excel, and Outlook) and database programs to track office reporting
• Experience leading a team
• Previous experience supporting a SAP
• Working experience in large enterprise organizations
• Must have CISSP (Certified Information Systems Security Professional)
• Working knowledge of UNIX and Windows
• Excellent analytical, organizational and communication skills
• Strong Project Management skills

Qualifications: BA in Management Information Systems with 7 years of Experience

• Experience in working in IT Security
• Experience working as a threat and vulnerability management expert
• Proven domain expertise in relevant areas, such as threat intelligence, penetration testing, intrusion analysis, incident handling, malware analysis or security engineering
• Demonstrated experience in an enterprise-level TVM team
• Solid understanding of malware families, applications, network, and cloud attack vectors
• Expert-level familiarity with enterprise vulnerability management tools, such as Qualys, Rapid7, and Tenable Nessus
• Scripting knowledge to automate repeatable tasks using vendor APIs
• Experience creating and refining metrics to articulate and measure program performance
• Experience with system hardening and secure configuration frameworks
• Able to work independently and efficiently, as well as with others, to meet deadlines
• Able to multitask, prioritize, and resolve multiple inquiries at once
• Possess excellent writing and communication skills
• Experience with FedRAMP compliance requirements 
• Experience with Docker containers and container platforms

Qualifications: BS in Applied Cybersecurity with 8 years of Experience