Digital Identity Defense Analyst

Job Description:

The Identity Defense organization aims to protect digital identities which allow access to the Bank's internal network, resources and applications. An Identity Defense analyst has the accountability for researching, designing, engineering, implementing, and supporting solutions to prevent and detect anomalous use of accounts.

Support design efforts related to build out of new processes, controls and supporting governance related to implementation of human and non-human account monitoring to protect the Bank. You will utilize in-depth technical knowledge and business requirements to help design and implement a scalable solution, inclusive of monitoring, alerting and escalation framework focused on core account protections. Leveraging your knowledge of both common and emerging threats related to account take-over, you will have an opportunity to proactively develop, implement and influence controls and policy within the digital identity domain. Partner with senior leaders from line of business organizations to triage security events and report on impacting security incidents.

You will regularly collaborate with experts in and out of our team, both in country and in other regions, so excellent communication skills are very important. Role will also involve discussion with employees as part of alert analysis and disposition.  If you are seeking a demanding role within Global Information Security (GIS) and have the required skills, this will be a great opportunity for you. Typically, applicants should have 5 to 7 years of cybersecurity or engineering experience.

Required Skills:

• Advanced cybersecurity monitoring and event analysis skills. The security analyst will leverage Splunk, SIEM, and other cybersecurity monitoring technologies to analyze traffic, activity, and events across the environment. Splunk experience is required.

• Data analysis/Data science skills.  The security analyst will analyze logs and other security telemetry using a combination of cybersecurity and data analytics tools.

• Strong Identity and Access Management control background

• Knowledgeable of current authentication based exploits. 

• Working knowledge of Linux, Windows, and OS X operating systems.

• Comfortable with scripting languages and regular expressions

• Strong knowledge of common network protocols

• Advanced knowledge of authentication protocols and telemetries

• Analyze data and evaluate relevance to a specific incident under investigation

• Experience designing solutions which meet or exceed regulatory guidelines (FFIEC)

• Present findings via written reports and orally to key stakeholders in clear and concise language

• Effectively communicates investigative findings to non-technical audiences

• MITRE ATT&CK Threat Framework/Threat Modeling

• Experience building operationally sustainable processes

Shift:

Hours Per Week: