Cyber Security Analyst III

  • Competitive
  • Miami Lakes, FL, USA
  • Permanent, Full time
  • BankUnited, N.A.
  • 16 Oct 18

Cyber Security Analyst III

SUMMARY:
This role will function as a technical compliance analyst, responsible for the proactive assessment and technical analysis of the Bank's information security controls using open source and commercial tools. The primary role is that of penetration tester but the Analyst must be a functional member of the Cyber Security team. The Analyst will cover other team roles as required including incident response, monitoring, threat intelligence and vulnerability management.

ESSENTIAL DUTIES AND RESPONSIBILITIES:
* Conduct approved technical compliance (penetration testing).
* Evaluate Bank systems for opportunities to perform testing.
* Implement and monitor controls necessary to ensure processes are performed and are effective to protect the environment from all forms of malicious cyber activity.
* Collaborate with Threat Intelligence & Vulnerability Management analyst reviews.
* Perform threat hunting and red team exercises.
* Create, operate and maintain security control testing scripts.
* Assist in the gathering and analysis of the current and future threat landscape, and assist the Cyber Security Manager in providing leadership with a realistic overview of risks and threats in and to the organization
* Develop and produce reports on all activities and incidents to help maintain day to day status.
* Develop and report on trends, and provide focus and situational awareness on all issues.
* Perform additional duties as required.

QUALIFICATIONS/COMPETENCIES:
* Experience with AWS cloud security technologies required.
* Experience with cloud security technologies a plus.
* Advanced understanding of penetration testing and vulnerability assessments in cloud and physical environments.
* Experience with security testing of enterprise networks through ethical hacking.
* Scripting and programming experience preferred.
* A strong networking background.
* Demonstrated understanding of TCP/IP networking.
* Demonstrated understanding of cloud technology.
* Must have strong incident handling experience including knowledge of common probing and attack methods, network/service discovery, system auditing, viruses, and worms.
* Experience responding to incidents in a 24/7 environment.
* Experience working in the finance industry dealing with sensitive data preferred.
* Cyber security analysis, incident response, or related security experience preferred.
* Strong analytical and problem solving skills.
* Good interpersonal, organizational, writing and communications skills.
* Ability to work well in a team environment as a whole.
* Self-motivator who monitors the news and threat reports in order to ascertain the potential risks to the company.

EDUCATION and/or EXPERIENCE:

* Bachelor Degree or higher in Computer Science, Information Assurance, Cyber Security or related field or equivalent combination of work.
* At least 5 years working in a technical role in Information Security
* In depth experience with Information System Security (ISS), PKI, firewalls, intrusion detection/protection and related vulnerability assessment tools for network periphery and internal network/service discovery and topology mapping
* Strong experience with various technologies including forensic tools, open source security tools, network monitoring tools, host security prevention tools, etc.
* Demonstrate the ability to communicate clearly, to both technical and non-technical audiences, risks, threats, and vulnerabilities identified during assessments.

CERTIFICATIONS:
* AWS Associate level certification or higher preferred.
* CEH, CISSP, CCSP, SSCP, Security+, Certificate in Cyber Security, or related certifications required.