Lead Analyst, Threat Analyst and Response Team
At Prudential, we understand that success comes from the talent and commitment of our people. Together, we have a shared vision in securing the future of our customers and our communities. We strive to build a business that you can shape, an inclusive workplace where everyone's ideas are valued and a culture where we can thrive together. Our people stay connected and tuned in to what's happening around us, keeping us ahead of the curve. While focused on the long-term, we look to the future to bring growth, development and benefit to everyone whose lives we touch.
Security Incident Response Engineer works with internal and external stakeholders to analyses data, generate timely and accurate threat reports, and recommend response strategies to mitigate the cyber threats, vulnerabilities and risks to Prudential-Wide stakeholders. Job Responsibilities:
- Operationalize 24x7 Threat Analysis and Response Service:
- Explore large data sets to uncover novel techniques and attack origination to generate custom alerts for enterprise customers
- Identify and report the latest human adversary behaviours, drive critical context-rich alerts, and help drive innovations for detecting advanced attacker tradecraft
- Support the incident response process by providing advanced analysis services to include recommending containment and remediation processes, independent analysis of security events, and reporting of identified incidents to Incident Handling
- Operationalize Signals vs Noises campaigns:
- Responsible for joint team effort to normalize data from breach and attack simulations, threat intel, and incident response
- Support IR orchestration and AI initiative and process and documentation improvement.
- Stay abreast of evolving risks, new developments in the security industry and industry best practices in threat intel, analysis and threat response techniques
- Select, implement, and maintain tools, technologies, and skills to perform all work to highest standards
- Excel in Collaboration:
- Work closely with customers on reporting, stewardship calls and in the case of escalations.
- Identify, evaluate and report emerging security threats.
- Collaborate with network of CERTS and ISPs that can effectively support security collaboration needs in the case of crisis
- Ensure timely reporting of security control gaps and emerging threats to the customer
- Maintain regular written and in-person communications with RITS's executives, other leads regarding security defence strategy
- Collaborate in Threat Hunting and Threat Intel operations
- Participate and assist in production of threat intelligence reports that communicate the results of the analyses to the respective audience
- Participate and assist in continuous Breach and Attack Simulation for all BUs to gain insights of organizational risks and to evolve detection use cases
- Security Incident Response methodologies and frameworks that include chain of custody for forensics events.
- Experience with investigating using a wide variety of detective technologies such as SIEM, packet capture analysis,
- host forensics and memory analysis tools.
- Understanding of threat landscape in terms of the tools, tactics, and techniques of attacks.
- Understanding of networking and security fundamentals and administration of Windows, Unix/Linux, and Macintosh.
- Scripting including Python, PowerShell and batch/shell scripting.
- Correlate data from multiple sources to identify incidents and events of interest.
- Ability to effectively communicate technical and non-technical issues both verbally and in writing.
- Excellent analytical and problem solving skills.
- Effective interpersonal skills.
- Bachelor's degree and/or equivalent experience.
- 3-5+ years Information Security experience required.
- Certification in Incident Response and/or Forensics is required such as GCIH (GIAC Certified Incident Hander),
- GCFE (GIAC Certified Forensic Examiner) or GCFA (GIAC Certified Forensic Analyst)