Senior Cyber Threat Engineer II
As a Senior Cyber Threat Engineer II, you will be a member of the bank's Information Security Team. This position supports the Information Security and Cyber Threat Management programs by leading the response to cyber incidents while working in a multiple team/matrix environment. Senior Cyber Threat Engineers process vulnerability and threat data from a variety of internal and external sources to create actionable intelligence in order to implement automation and countermeasures that maintain and enhance the defenses for our information systems and resources. This role serves as the escalation point for computer security incidents and cyber investigations and provides leadership and oversight for lower tier/junior analysts, when a manager is not available. Lastly, this role leads and assists other analysts during incident response activities and cyber investigations.
Program activities include:
• Gathering cyber-security intelligence from a variety of internal monitors and external sources (e.g. government agencies, financial community, computer security community).
• Assessing the bank's networks and systems to detect vulnerabilities & security configuration deficiencies.
• Analyzing potential threats against the bank's computing environment.
• Recommending security improvements to other teams and departments within the bank.
• Detecting anomalies, malware infections and intrusion attempts, and responding appropriately.
• Escalating significant security events to executive leadership appropriately.
• Sharing cyber-security intelligence data with internal and external partners (e.g. government agencies, financial communities) when appropriate.
• Ensuring team members are trained on the latest cyber-security trends, threats and applicable technologies.
• Implementing and managing the tools necessary to support the team's mission.
Bachelor's degree in Computer Engineering, Computer Science, Mathematics, Engineering, or a related IT field preferred and 8 years of experience in systems engineering, networking or information security technologies including at least 5 years of information security experience in an enterprise environment.
High school diploma or GED and 12 years of experience in systems engineering, networking or information security technologies including at least 5 years of information security experience in an enterprise environment.
• Advanced critical thinking and problem solving skills with a proven ability to quickly analyze large amounts of often conflicting data and make sound decisions in extremely stressful situations.
• Versed in SIEM, threat intelligence, and alarm/event configuration, including how to configure and document them.
o Demonstrated advanced knowledge of SIEM/security event log analytics and at least three of the following technologies: Firewall, Web-Proxy, IDS/IPS, Anti-Virus/Anti-Malware, Anti-Phishing, Malicious Web Site reporting/take-down, MSFT O365 Security, Endpoint Detection & Response.
• Demonstrated advanced knowledge of at least four of the following: Insider Threats, APT (Advanced Persistent Threats), Malware Analysis, Exploit techniques, RegEx (Regular Expressions), SIEM Tuning, Alarm and Signature Creation.
• Hands-on experience with and understanding of cyber hunting. Hands-on experience with the configurations and countermeasures that must be maintained to enhance the defenses and detections for our information systems and resources.
• Ability to fulfill the role of incident commander as a primary and to train a secondary.
o Serve as the escalation point for computer security incidents.
• Demonstrated advanced knowledge of information technologies with a focus in two or more of the following areas: operating systems, networking, computer programming, web development or database administration.
• In-depth understanding of TCP/IP networking, including routers, switches, public/private networks, internet protocol security (IPSec), and virtual private networks (VPN).
• Demonstrated advanced knowledge with Packet Capture and analysis.
• In-depth knowledge of systems administration and systems analysis procedures.
• In-depth knowledge of risk management standards, procedures and practices.
• Strong communication skills, written and oral to communicate effectively with technical and non-technical audiences.
• Ability to lead and perform risk analysis for vulnerabilities, incidents, and change management requests.
• Ability to work as part of a team and independently with limited supervision.
• Ability to lead, mentor, and train others.
• Ability to prioritize work and meet deadlines.
• Banking/financial services experience.
• Prior military experience and/or experience in a regulated industry.
• Systems Administration and Information security experience in medium/large enterprise environments.
• Experience with scripting languages (e.g. Python, PERL, etc.).
• Cisco Routing/Switching, Checkpoint Firewalls, McAfee Security Technologies, RACF, UNIX/LINUX.
• Industry certifications in cyber security and forensics, such as Certified Ethical Hacker (CEH), GIAC Security Essentials (GSEC), GIAC Certified Intrusion Analyst (GCIA), GIAC Certified Incident Handler (GCIH), Certified Information Systems Security Professional (CISSP), Security+ and other related credentials.
Meet Some of First Citizens Bank's Employees
Robert S., Cyber Threat Engineer
Robert maintains the integrity of First Citizens Bank’s software systems by developing programs that protect the company’s assets from malware and cyber-attacks.