Home
/
Data and Analytics
/
Senior Associate - Security Analyst
Senior Associate - Security Analyst-November 2024
Lebanon
Nov 10, 2024
ABOUT NEW YORK LIFE
New York Life Insurance Company is America’s largest mutual life insurer and a top-five insurer across group life, accident, and disability insurance.
10,000+ employees
Insurance, Technology
VIEW COMPANY PROFILE >>
About Senior Associate - Security Analyst

  Location Designation:Hybrid

  When you join New York Life, you're joining a company that values career development, collaboration, innovation, and inclusiveness. We want employees to feel proud about being part of a company that is committed to doing the right thing. You'll have the opportunity to grow your career while developing personally and professionally through various resources and programs. New York Life is a relationship-based company and appreciates how both virtual and in-person interactions support our culture.

  New York Life is seeking a Security Analyst role for within the Security Operations Center (SOC). The Security Analyst will be responsible for executing both New York Life's cyber incident response procedures and assist with Security Information and Event Management (SIEM) operations in a 24/7/365 model. This role will work with both internal, cross-organizational, and offshore security teams in monitoring, actioning, and improving upon incident response processes for the CTSO Organization.

  Responsibilities:

  Monitor NYL sources of potential security incidents, health alerts with monitored solutions and requests for information. This includes the monitoring of real-time channels or dashboards, periodic reports, email inboxes, ServiceNow ticketing system, telephone calls, chat sessions.

  Follow documented incident-specific procedures to perform triage of potential security incidents to validate and determine needed mitigation.

  Escalate potential security incidents to Line 2 Personnel, implement countermeasures in response to others, and recommend operational improvements.

  Maintain awareness of the NYL's technology architecture, known weaknesses, the architecture of the security solutions used for monitoring, imminent and pervasive threats as identified by NYL threat intelligence, and recent security incidents.

  Provide advanced analysis of the results of the monitoring solutions, asses escalated outputs and alerts from Level 1 Analysts

  Perform peer reviews and consultations with Level 1 Analysts regarding potential security incidents.

  Provide advice and guidance on the response action plans for information risk events and incidents based on incident type and severity.

  Devise and document new procedures and runbooks/playbooks as directed.

  Maintain compliance with processes, runbooks, templates and procedures-based experience and best practices.

  Provide malware analysis (executables, scripts, documents) to determine indicators of compromise, and create signatures for future detection of similar samples.

  Demonstrate knowledge of IBM QRadar SIEM navigation, administration, and implementation.

  Continuously improve the vigilance service by identifying and correcting issues or gaps in knowledge (analysis procedures, playbooks, NYL network models), false positive tuning, identifying, and recommending new or updated tools, content, countermeasures, scripts, plug-ins, etc.

  Scripting, regex, parser code writing to integrate various log sources along with SIEM tool for monitoring and analysis.

  Developing actionable use cases to detect, triage, investigate and remediate based on latest threat actor trends, including actual technical implementation of parsing log sources creating, validating, and testing alerting queries to reduce false positives.

  Leverage previous experiences, share best practices, and create innovative solutions to push user adoption and maximize the value of SIEM.

  Have a pragmatic approach to dealing with situations where confidentiality is important or where our work is of a sensitive nature. Helping maintain our NYL's strong professional relationships is integral to our business.

  Maintain a solid understanding of the NYL's culture, environment (people, process, technology), goals, and security initiatives and communicate all to the engagement team.

  Identify and recommend operational improvements to the NYL, drawing on SOC operational experience and industry specific knowledge of risks.

  Seek opportunities and offer guidance on how to improve SOC service delivery methodology including owning and driving internal improvement initiatives.

  Perform the cyber threat research and knowledge acquisition activities (such as malware, zero-day exploits, botnets, phishing sites etc.)

  Actively seek self-improvement through continuous learning and pursuing advancement

  Job Qualifications

  Bachelor of Science with a concentration in computer science, information systems, information security, math, decision sciences, risk management, engineering (mechanical, electrical, industrial) or other business/technology disciplines or equivalent work experience.

  3 to 5 years working in security information and/or technology engineering support.

  Certified Information Systems Security Professional (CISSP), Certification in Certified Intrusion Analyst (GIAC), Continuous Monitoring (GMON), Certified Ethical Hacker (CEH) or equivalent (i.e., OSCP).

  SIEM certifications such as IBM QRadar, Splunk, etc. or experience interpreting, searching, and manipulating data within enterprise logging solutions(e.g., SIEM, IT Service Management (ITSM) tools, workflows, and automations (SOAR)).

  Experience in security technologies such as: Security information and event management (SIEM), IDS/IPS, Data Loss Prevention (DLP), Proxy, Web Application Firewall (WAF), Endpoint detection and response (EDR), Anti-Virus, Sandboxing, Network and Host based firewalls, Threat Intelligence, and Penetration Testing.

  Knowledge of Advanced Persistent Threats (APT) tactics, technics, and procedures

  Understanding of possible attack activities such as network probing/ scanning, DDOS, malicious code activity, etc.

  Proficient understanding of IT infrastructure and security architecture, networks management, network security, log management, ethical hacking and security assessment tools and relevant security technologies, such as malware management, network forensics, flow analysis, IDS/IPS, etc.

  Background and knowledge of general security concepts, such as defense-in-depth, least privilege, security architecture and design, threat modeling, etc.

  Ability to demonstrate an investigative mindset. Not just being able to execute a task but being able to understand the reason for that task and determine next steps depending on the results while maintaining a firm grasp of the overall goals of the entire process.

  Basic understanding of Industry standards in operations such as ITIL processes (e.g., Change Management, Configuration Management, Problem Management, Incident Management), Six Sigma standards, etc.

  Experience with scripting (BASH, PowerShell, etc.) and programming languages (Python, HTML, AQL, etc.).

  Demonstrable personal interest in computing, security, and digital communications.

  Excellent communication, listening & facilitation skills.

  Experience creating and delivering effective presentations as a means for communicating project and deliverable progress to NYL stakeholders.

  The ability to build and nurture positive working peer relationships within NYLs with the intention to exceed NYL expectations.

  #LI-KV1

  Salary range:$105,000-$160,000

  Overtime eligible:Exempt

  Discretionary bonus eligible:Yes

  Sales bonus eligible:No

  Click here to learn more about our benefits. Starting salary is dependent upon several factors including previous work experience, specific industry experience, and/or skills required.

  Recognized as one of Fortune's World's Most Admired Companies, New York Life is committed to improving local communities through a culture of employee giving and volunteerism, supported by theFoundation.We're proud that due to our mutuality, we operate in the best interests of our policy owners. We invite you to bring your talents to New York Life, so we can continue to help families and businesses "Be Good At Life." To learn more, please visit LinkedIn, our Newsroom and the Careers page of www.NewYorkLife.com.

  Job Requisition ID:89834

  Job Segment: Corporate Security, Loss Prevention, Network Security, Six Sigma, Computer Science, Security, Management, Technology

Comments
Welcome to zdrecruit comments! Please keep conversations courteous and on-topic. To fosterproductive and respectful conversations, you may see comments from our Community Managers.
Sign up to post
Sort by
Show More Comments
SIMILAR JOBS
Data Analyst
Job Description 1. BI Analytics EcosystemTake ownership in the creation and maintanence of BI Analytics solutions using Power BI, creating solid and high quality data products and processes as well a
R&D Internship - Raw Material Introduction
Job Description Internship within RMI department and related departments to gain understanding of workflows andbusiness needs in the company. Problem definition, research, data collection, analysis t
Delivery Driver (Columbia, MO)
ARE YOU A CURRENT US FOODS EMPLOYEE? PLEASE APPLY DIRECTLY THROUGH OUR INTERNAL WORKDAY CAREER SITE. Join Our Community of Food People! BECOME A US FOODS® DRIVER! Ready to build a career with a compa
Network Connectivity Release Manager
Job Description: At Bank of America, we are guided by a common purpose to help make financial lives better through the power of every connection. Responsible Growth is how we run our company and how
SiteOps Data Center Operations Support Manager
CO Salary Range: USD 158,000.00 - 231,000.00 per year Meta is seeking a SiteOps Data Center Operations Support Manager to provide exceptional people, technical and operations leadership, in our West
Software Engineering SMTS- Data Science & ETL
To get the best candidate experience, please consider applying for a maximum of 3 roles within 12 months to ensure you are not duplicating efforts. Job Category Software Engineering Job Details About
Software Engineer, Computer Vision - Reality Labs
Reality Labs at Meta is building products that make it easier for people to connect with the ones they love most, enjoy top-notch, wire-free VR, and push the future of computing platforms. We are a t
Dedicated Backhaul Driver
ARE YOU A CURRENT US FOODS EMPLOYEE? PLEASE APPLY DIRECTLY THROUGH OUR INTERNAL WORKDAY CAREER SITE. Join Our Community of Food People! BECOME A US FOODS® BACKHAUL DRIVER! Ready to build a career wit
Intelligent Data Platform - Industry and functional solutions lead
Role Overview: As Avanade's second largest practice by sales and revenue, this role reports directly to the global IDP practice leader to support an accelerated level of growth across the practice. T
Staff Database Engineer
Company Description Visa is a world leader in digital payments, facilitating more than 215 billion payments transactions between consumers, merchants, financial institutions and government entities a
Copyright 2023-2024 - www.zdrecruit.com All Rights Reserved