BankUnited, Inc. (BKU) is a bank holding company, and they are seeking a Cyber Security Analyst I to join their Cyber Threat Unit. This role is responsible for proactive assessment and analysis of cyber risks, responding to incidents, and implementing measures to combat potential threats.
Monitor and analyze network traffic, Intrusion Detection/Prevention Systems (IDS/IPS), Data Loss Prevention (DLP) events, security events and logs.
Perform secondary reviews and maintain Data Loss Prevention (DLP) systems and policies.
Understand a variety of security and compliance policies and incident response processes.
Review daily reports and files to ensure compliance to policies and standards.
Escalate non-compliance issues to the appropriate group and follow-up on remediation actions
Work with internal customers to respond to escalations.
Prioritize and differentiate between potential intrusion attempts and false alarms.
Determine if security events monitored should be escalated to incidents and follow all applicable incident response and reporting processes and procedures.
Create and track security investigations to resolution.
Open and assign tickets to the correct resolver, and validate/close tickets related to false positives.
Provide investigation, triage, and mitigation of detected security events.
Compose security alert notifications and other communications.
Advise incident responders in the steps to take to investigate and resolve computer security incidents.
Stay up to date with current vulnerabilities, attacks, and countermeasures.
Work closely with the SNOC 24x7 operations team, network and system administrators, other appropriate IT/IS groups and business lines to provide incident response (IR) support and determine the risk of a given event.
Implement and monitor controls necessary to ensure processes are performed and are effective to protect the environment from all forms of malicious cyber activity.
Conduct Digital Forensics and Incident Response (DFIR) analysis of suspected compromised systems.
Assist in establishing procedures for handling each security event detected.
Keep abreast of emerging technology and public policy trends in the information security space.
Assist in the gathering and analysis of the current and future threat landscape, and assist the SNOC Manager in providing leadership with a realistic overview of risks and threats in and to the organization.
Maintain knowledge of the current security threat level by monitoring related threat intelligence sources as necessary.
Utilize intelligence provided by the Threat Intelligence team from past or current events to improve detection, update monitoring and possibly facilitate prevention of successful cyber attacks.
Provide advice on IT initiatives, IT business projects, and IT engineering in regards to security industry best practices.
Adheres to and complies with applicable, federal and state laws, regulations and guidance, including those related to anti-money laundering (i.e. Bank Secrecy Act, US PATRIOT Act, etc.).
Adheres to Bank policies and procedures and completes required training.
Identifies and reports suspicious activity.
Qualification
Required
Bachelor's Degree in Computer Science, Information Assurance, Cyber Security or related field or equivalent combination of work with certifications is required
An understanding of network and host based DLP technologies, processes, policies and procedures
Basic understanding of regulatory compliance initiatives related to Sarbanes Oxley (SOX), and the Gramm-Leach-Bliley Act (GLBA)
Proficiency with a Security Incident handling tool (ie SIEM, ESEM)
Experience with Security orchestration Automation Response (SOAR)
Working knowledge of monitoring tools
Familiar with Active Directory, group policies and role based concepts
Possess a working knowledge of TCP/IP and the functions of Network technologies
Possess a working understanding of Network security devices, IPSec VPNs, TCP/IP, Routing, Switching, VRF, VLANS, Bandwidth Utilization, and Load Balancers
Strong analytical and problem solving skills
Good interpersonal, organizational, writing and communications skills
Ability to work well in a team environment as a whole
Ability to perform multiple projects simultaneously
CISSP Certified Information Systems Security Professional
CEH Certified Ethical Hacker
SANS/GIAC Training or certifications
SSCP Systems Security Certified Professional
Cloud Certifications (e.g. AWS)
Security+
Certificate in Cyber Security
Firm understanding of penetration testing and vulnerability assessments
A strong networking background
Demonstrated understanding of TCP/IP networking
Preferred
Experience in cloud security, or cloud administration
Experience with cloud security tools and technologies, such as AWS Security Hub, Azure Security Center, GCP Security Command Center, etc.
Experience with scripting languages
Familiarization of cyber and cloud security standards, frameworks, and guidelines such as NIST, PCI-DSS, MITRE, OWASP, etc.
Cyber security analysis, incident response, or related security experience preferred
Benefits
BankUnited, Inc. (BKU) is a bank holding company with three wholly owned subsidiaries:
Glassdoor
4.0
Founded in 2009
Miami Lakes, Florida, USA
1001-5000 employees
https://www.bankunited.com/
BankUnited, Inc. (BKU) is a bank holding company with three wholly owned subsidiaries:
