Sr. Information Security Engineer

Sr. Information Security Engineer

Primary Purpose: 

The Senior CSOC Analyst will leverage a variety of tools and resources to proactively detect, investigate, and mitigate emerging and persistent threats impacting Nice InContact's networks, systems, and applications. This is a Senior level position responsible for championing technologies, best practice, threat landscape know-how to prevent, monitor and respond to information/data breaches and cyber-attacks by supporting threat modeling exercises and assisting with controls analysis and integration to defend against known and unknown threat agent TTP's. This role will ensure the creation, testing and execution of operational processes and policies to align with Nice inContact's Security policy.

 

 To ensure the integrity, security, and resiliency of critical operations, we are seeking candidates with diverse backgrounds in cyber security systems operations, analysis and incident response. The ideal candidate will have a solid understanding of cyber threats and information security in the domains of TTP’s, Threat Actors, Campaigns, and Observables. Additionally, the ideal candidate would be proficient in exploit development and familiar with intrusion detection systems, intrusion analysis, security information event management platforms, endpoint threat detection tools, big data analytics, and cyber defense operations. In addition, the position requires personnel to analyze network defense systems, and maintain a secure cyber environment through configuration management, administration, and response actions.

This role will report to the CSOC Manager within the Trust Office and collaborate with adjacent operations directorates, to include network and system operations.​

 

Major Functions and Responsibilities

• Work independently, applying in-depth knowledge and experience to deliver time critical, customer focused security monitoring services, advising and recommending on defensive strategies.
• Perform analysis (e.g. forensic analysis and malware reverse engineering) of complex and non-routine escalated security-related events; drawing on the expertise of other Analysts and external resources as required.
• Provide evidence of postmortem analysis of traffic flows, conduct network forensics, perform follow-up analysis throughout the incident life cycle
• Identify trends and tactics in the threatscape across the production and corporate infrastructure.
• Applying threat intelligence to build an awareness picture of emerging issues across monitored environment within the CSOC.
• Evaluate threat capability gaps within the CSOC and make recommendations to higher Management.
• Helps improve the overall security posture through obtaining the knowledge of the enterprise systems, and to ensure the timely dissemination of security information to the appropriate stakeholders.
• Provide effective leadership to CSOC team members; directing and guiding work and providing mentorship of junior members of staff, acting as a local Subject Matter Expert.
• Complete projects and playbooks associated with security monitoring, detection, and incident response.
• Coordinate and organize onboarding of new Analysts, including system access, and training.
• Act as point of contact for projects, escalations, new updates and changes from stakeholders.
• Proactively contribute to CSOC strategy by refining processes and procedures; ensuring they align with customer and wider organizational requirements.
• Create and maintain cybersecurity policies, standards, processes, and procedures.
• Improve control structures for threat intelligence and create collaboration processes to identify and respond to information on threats and vulnerabilities.
• Build effective threat identification and assessment processes, including maintaining procedures for obtaining, monitoring, assessing, classifying severity, and responding to evolving threats and vulnerabilities.
• Initiate research and evaluate intelligence data - with specific emphasis on tactics, techniques, and procedures - focusing on threats facing NICE inContact computer resource systems.
• Delivers top notch papers, presentations, recommendations, and findings for Enterprise Technology Leaders.
• Assume management tasks when/if needed to ensure operational continuity.
• Maintain the highest level of personal certification, integrity and objectivity, thus the Company Code of Ethics and Nice inContact policies and procedures at all time. ​ ​

  

To Land This Gig You’ll Need:

Associate degree in computer science, Cybersecurity, Information Systems Security or related field or equivalent work experience required. Bachelor’s degree preferred.

5+ years of experience as a cybersecurity analyst

5+ years working in IT and data network

Solid grasp of Cybersecurity (application and networking) and networking fundamentals.

Actively maintains awareness of developments in the intrusion analysis, incident response and information security fields.

Working understanding of common Intrusion Analysis models (e.g. Cyber Kill Chain®) and can apply them to enhance analysis and reporting.

Excellent communication skills, both written and oral

Understanding of cybersecurity tradecraft and technologies within applications and cloud environments

Strong knowledge of security technologies such as SIEM, NIDS/NIPS, HIDS/HIPS and Endpoint protection suites

Proficient in vulnerability scanning, monitoring management consoles, and security threat vector analysis

Excellent critical thinking skills with ability to identify malicious activity without reliance on alerting software configured to trigger from signature and behavioral analysis applications

Excellent knowledge of cybersecurity standards, data security practices and procedures, network security, application security, and database security

Deep understanding of the impact of various data protection and integrity controls, operating systems and network security controls, authentication controls, and security protocols

The attributes of a qualified candidate are a rational skepticism, a sense of risk appreciation, technical awareness, informed judgment and a strong operational understanding ​

​

Experience Preferred:

• Certifications in security, contract analysis, or related field (one or more preferred):
  • CompTIA Security +
  • CompTIA Network +
  • CompTIA CySA +
  • Certified Ethical Hacker
  • Certified Cloud Security Professional
  • AWS Certified Security
  • Offensive Security Certified Professional
  • SANS Certified Intrusion Analyst (GCIA)
  • SANS Certified Incident Handler (GCIH)
• In depth Experience with offensive security/penetration testing skills and tools
• Advance Knowledge of digital forensic tradecraft and malware operations
• Working knowledge of native Amazon Web Services security services to deploy and managed security solutions.
• Strong understanding of data security controls to include encryption (at rest and processing), network authentication, network security architectures, and access control.​