The analyst will be expected to use technical dexterity to choose the right tool and use it effectively across a range of security scenarios. Analysts will develop an understanding of the Rolls-Royce technical landscape and fuse that knowledge with information reported by security tools in order to triage events effectively.
- Monitoring and analyzing logs and alerts from a variety of technologies (IDS/IPS, firewalls, proxies, anti-virus, etc.) across multiple platforms.
- Assessing the security impact of security alerts and traffic anomalies on Rolls-Royce networks.
- Creating comprehensive security write-ups which articulate security issues, analysis and remediation techniques.
- Escalating and explaining severe security incidents verbally and in writing.
- Responding to technical security questions and concerns from the business.
- Possessing a deep understanding of hacker techniques, vulnerabilities, attacks and countermeasures.
- Maintaining a strong awareness and understanding of the current threat landscape.
- Conducting research on emerging security threats and potential customer impact.
Qualifications and experience:
- Bachelor’s degree in business, computer science, or information technology and 4+ years of information technology security experience
- Or a Master’s degree in business, computer science, or information technology and 2+ years of information technology security experience
- Must be a U.S. citizen and able to obtain a security clearance
- A passion for security, learning, and knowledge sharing.
- Basic understanding of cyber security and detection techniques
- Experience of using common security tools such as Nessus, NMAP, Retina
- Experience of using ITIL compliant processes
- Experience of network anomaly detection using traffic analysis or network intrusion detection systems
- Experience in the use of SIEM platforms, preferably ArcSight
- Understanding of server, client and network technologies
- Analytical and curious mind-set to carry out investigations
- Ability to achieve Security Clearance relevant to regional government requirements
- CISSP, CISM, CISA, GIAC, or related information security certifications are preferred