Senior Cyber Incident Analyst
Discover. A brighter future.
With us, you’ll do meaningful work from Day 1. Our collaborative culture is built on three core behaviors: We Play to Win, We Get Better Every Day & We Succeed Together. And we mean it — we want you to grow and make a difference at one of the world's leading digital banking and payments companies. We value what makes you unique so that you have an opportunity to shine.
Come build your future, while being the reason millions of people find a brighter financial future with Discover.
Job Description
Responsible for analyzing incidents and identifying and mitigating threats. Collaborates with incident response teams to analyze cyber defense processes and procedures and ensures compliance with regulations and company directives. Develops effective security controls to enhance the business environment and management decision making.
Responsibilities:
- Monitor events aggregated from a multitude of technologies to detect malicious activity. Perform detailed analysis using a variety of tools and techniques to investigate, navigate, correlate, and understand security incidents to the fullest extent of the data available. Ensure proper escalation and hand-off of security incidents for containment and remediation. Evaluate and implement tunes for rules, filters and policies for detection-related security technologies to improve accuracy and visibility. Build and maintain custom security detection logic to analyze and correlate information to produce meaningful, actionable results. Conduct data mining across log sources to uncover and investigate anomalous activity and items of interest. Create and maintain documentation of logic, rules, policies, and procedures.
- Execute timely, thorough, and effective incident handling through collaboration and innovation. Provide mitigation services for identified threats and security incidents. Maintain evidence integrity during digital forensic acquisitions and analysis. Complete thorough documentation for incident investigations including root cause analysis, relevant forensic artifacts, and technical and procedural lessons learned. Develops innovative opportunities for incident response tools and processes which enable rapid analysis and response to security incidents at enterprise scale. Deliver presentations and executive briefings regarding relevant security incidents and findings to senior management. Create and maintain documentation for incident response team including technical procedures, detailed diagrams, pertinent metrics, and report templates.
- Identifies and evaluates potential vulnerabilities and drives the normalization, correlation, and integration of internal and subscription threat-intelligence source. Produces actionable intelligence in the form of reports, notifications, alerts, and briefings. Develops mitigation and countermeasure strategies from collected threat intelligence. Recognizes security violations and takes appropriate action to report each incident, as required. Analyzes the organization's cyber defense procedures and configurations and evaluates compliance with regulations and organizational directives. Performs in-depth analysis of security issues and/or vulnerabilities. Ensures compliance to audit, regulatory, and legal requirements. Builds and maintains effective relationships with peers and internal business partners. Creates effective controls to address security concerns. Develops metrics and new capabilities to ensure confidentiality, integrity, availability, authentication, and non-repudiation. Measures effectiveness of defense-in-depth architecture against known vulnerabilities. Engages in reporting risk remediation assurance and automation/integration initiatives and collaborates with stakeholders, at all levels, to ensure remediation is validated, risk is mitigated, and findings are fully closed/resolved. Maintains in-depth knowledge of security trends and threats. Designs and develops security solutions and processes that are consistent with business goals and risk tolerance. Provides subject matter expertise for supported Cybersecurity technologies
- Identifies and evaluates potential vulnerabilities and drives the normalization, correlation, and integration of internal and subscription threat-intelligence source. Produces actionable intelligence in the form of reports, notifications, alerts, and briefings. Develops mitigation and countermeasure strategies from collected threat intelligence. Recognizes security violations and takes appropriate action to report each incident, as required. Analyzes the organization's cyber defense procedures and configurations and evaluates compliance with regulations and organizational directives. Performs in-depth analysis of security issues and/or vulnerabilities. Ensures compliance to audit, regulatory, and legal requirements. Builds and maintains effective relationships with peers and internal business partners. Creates effective controls to address security concerns. Develops metrics and new capabilities to ensure confidentiality, integrity, availability, authentication, and non-repudiation. Measures effectiveness of defense-in-depth architecture against known vulnerabilities. Engages in reporting risk remediation assurance and automation/integration initiatives and collaborates with stakeholders, at all levels, to ensure remediation is validated, risk is mitigated, and findings are fully closed/resolved. Maintains in-depth knowledge of security trends and threats. Designs and develops security solutions and processes that are consistent with business goals and risk tolerance. Provides subject matter expertise for supported Cybersecurity technologies organization’s network and find ways to disrupt them. Draw attention to the business impact of computer/system/network security issues.
- Maintains primary data, incident, and analytic security platforms. Manage full-lifecycle development and support of home-grown security tools and solutions. Analyze new tools and technologies. Integration and upkeep of various datasets to ensure data streams are accessible and data quality is maintained. Manage detection content for security tools for operations center. Analysis, monitoring, and reporting of platform operational health and stability. Creation of visualizations and telemetry to accurately depict operational status and increase situational awareness. Maintaining documentation of tools, logic, policies, and procedures.
Minimum Qualifications:
- Bachelors Information Technology , computer science or related
- 1+ years Information Security, Computer Science, Data Analytics or related
- In Lieu of education, 2+ years Information Security, Computer Science, Data Analytics or related
What are you waiting for? Apply today!
The same way we treat our employees is how we treat all applicants – with respect. Discover Financial Services is an equal opportunity employer (EEO is the law). We thrive on diversity & inclusion. You will be treated fairly throughout our recruiting process and without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status in consideration for a career at Discover.