Cyber Intelligence Analyst
The Cyber Intelligence Analyst participates in the identification, tracking, monitoring, containment and mitigation of information security threats. This position performs data collection and analysis to provide network and data security utilizing established processes and tools that focus on incident response, threat identification, containment and remediation. The position also applies data science principles to security events and incidents to facilitate the creation of new and advanced methods of detection.
- Perform real-time security log and event analysis, take action within defined parameters to contain and mitigate information security threats, and escalate to the next level as needed based on severity
- Review and analyze security events, determine their severity, and author reports detailing the activity
- Act as the direct point of contact for Information Security to UPS Operations Command Center (OCC) staff responding to computer security events as directed during core work hours and potentially on-call, after hours, as part of rotational support
- Provide timely follow-up to stakeholders as appropriate and keep management informed of changes in status during issue resolution
This position offers an exceptional opportunity to work for a Fortune 50 industry leader. If you are selected, you will join our dynamic technology team in making a difference to our business and customers. Do you think you have what it takes? Prove it! At UPS, ambition knows no time zone.
- Must be a U.S. Citizen or National of the U.S., an alien lawfully admitted for permanent residence, or an alien authorized to work in the U.S. for this employer
- Now or in the future UPS employment sponsorship, such as H1B, TN, J-1, F-1, etc., is not needed in order to start or continue temporary or permanent employment with UPS.
- 1 to 2 years as an Analyst in a Security Operation Center or in an Incident Response and Handling role
- Prior experience with SIEM technologies
- Expert understanding of network protocols, TCP/IP fundamentals, operating systems along with log, network and system security analysis techniques
- Clear and concise communication and presentation of complex and complicated security topics
- Understanding of regular expressions, database structure and queries
- Understanding of basic network services, vulnerabilities, exploits and attacks
- Understanding of computer, application and network exploits and vulnerabilities
- Bachelor’s Degree required
- Certifications: GIAC Certified Incident Handler (GCIH) or GIAC Certified Intrusion Analyst (GCIA) preferred
- Beginner-level proficiency with Malware Reverse Engineering
- Intermediate-level proficiency with Linux System Administration, Cyber Threat Analysis, Security Incident Response, Vulnerability/Threat Analysis
- Advanced-level proficiency with Windows Operating System, Technical Knowledge of Hardware & Software
- Bachelor’s Degree preferred - Certifications: GIAC Certified Incident Handler (GCIH) or GIAC Certified Intrusion Analyst (GCIA) preferred.
- Experience classifying or categorizing cyber-attacks.
- Experience constructing hypotheses or narratives in analytical findings.