Cyber Intelligence Analyst Requisition ID: (21010186) Primary Location: Philippines-National Capital Region-Quezon City
Job Function: Information Technology
Job Posting Date: Jul 23, 2021, 1:12:48 AM
Description
The Cyber Intelligence Analyst primary function is to fulfil various roles in Emerson Computer Incident Response Team’s (CIRT) mission to defend Emerson information systems and resources against cyber security threats.
The Cyber Intelligence Analyst is responsible for delivering effective and efficient enterprise wide security incident response. By proactively detecting advanced threats targeting Emerson’s information infrastructure and coordinating enterprise wide incident response, they ensure that information security incidents are properly identified, escalated, and resolved.
The Cyber Intelligence Analyst will perform highly technical duties including system analysis, malware analysis, indicator extraction, signature development, and network traffic analysis. Reporting will include lessons learned, root cause analysis, campaign development, and both tactical and strategic mitigations. The employee will be expected to analyze various forms of forensic data to determine root cause, develop a timeline for IR activities, and articulate findings in technical detail as well as at an executive summary level.
This individual focuses on executing incident response plans, processes, and procedures and performing root cause analysis. They need to be able to define the severity of threats, risks and vulnerabilities and prioritize them accordingly. They are is also responsible in the contextual analysis of indicators of compromise and attacker tactics, techniques and procedures (TTPs).
Responsibilities
Detection
Responsible for monitoring all incoming alerts (Network / EndPoint / Suspicious Email)
Response
Responsible for validating incoming alerts if true or false positive
Responsible in acquiring pertinent data to analyze a security incident
Responsible in determining the severity of a validated security incident
Responsible for monitoring and ensuring continuous communications with the Site Administrators in order to resolve the incident
Responsible to contain the hosts with active compromises beyond 48 hours of sending remediation emails
Responsible to inform incidents to the rest of the team as necessary
Responsible for Root Cause Analysis of an incident
Document analysis
Contribute to the automation of processes and capabilities
Principal Function Responsibilities:
Monitor, identify, respond, investigate and document the resolution of computer and network security compromises
Provide remediation support to compromised computers or IT systems
Global coordination of security incidents to Business Unit stakeholders
Carry out data analysis to determine root cause of security incidents
Responsible for researching and maintaining proficiency tools; including researching techniques, countermeasures and trends in computer and network vulnerabilities
Contribute to alert signatures tuning;
Maintain an understanding of current and emerging information security threats and vulnerabilities
Business Understanding:
Must have excellent written and verbal skills
Exceptional interpersonal skills, with a focus on rapport-building, listening, and questioning skills.
Experience in effectively communicating with a broad base of end users and multiple management layers.
Strong desire to grow technically and professionally
Must have strong personal initiative
Strong sense of accountability
Must have an outstanding attitude and desire to ensure customer satisfaction
Requirements
Education:
BS in Information Technology/Engineering/any Science or related area, may be substituted with years of experience in field. Fluent in English
EXPERIENCE / SKILLS
1-5 years of technical work experience supporting an enterprise scale Computer Network Defense (CND)/ Intelligence capacity
Problem solving
Ability to communicate/interact with various audiences, including executives
Familiarity with CND based analytical frameworks (Kill Chain, MITRE ATT&K, Pyramid of Pain, Racetrack, etc)
Familiarity with external intelligence enrichment sources (VirusTotal, PassiveTotal, etc)
Familiarity with Linux CLI tools (awk, sed jq, etc)
Experience writing signatures for use in industry standard network defense tools (yara, etc)
Familiarity with at least one scripting language (python, powershell, etc)About EmersonAt Emerson, we are innovators and problem-solvers, focused on a common purpose: leaving our world in a better place than we found it. Each and every day, our foundational values—integrity, safety and quality, supporting our people, customer focus, continuous improvement, collaboration and innovation—inform every decision we make and empower our employees to keep reaching higher.As a global technology and engineering leader, we provide groundbreaking solutions for customers in industrial, commercial, and residential markets.Our Automation Solutions business helps process, hybrid, and discrete manufacturers maximize production and protect personnel and the environment while optimizing their energy and operating costs. Our Commercial & Residential Solutions business helps ensure human comfort and health, protect food quality and safety, advance energy efficiency and create sustainable infrastructure.Emerson, a Fortune 500 company with $17.4 billion in sales, more than 20 Innovation, Solutions & Engineering Centers, and 200 manufacturing locations worldwide, is committed to helping employees grow and thrive throughout their careers.Whether you're an established professional looking for a career change, an undergraduate student exploring options or a recent MBA graduate, you'll find a variety of opportunities at Emerson. Join our team and start your journey today.
