Change the future with us.
We are looking for dedicated and talented people who tackle ever-changing challenges, customer needs, and questions from colleagues with clever concepts and creativity. We embrace change and work with curious minds re-inventing the future of work. Join us and let us focus together on what’s truly important: making lives better with new ideas and the latest technology around the world.
At Siemens, we foster an inclusive culture and offer equal opportunities for all. We do not tolerate any discrimination on the basis of interests, race, color, religion, gender, sexual orientation, gender identity and expression, marital status, nationality, disability, or any other situation protected by federal, state, local laws or internal policies, and we grant the same employment opportunities to all candidates.
The Cyber Security Analyst will be part of the Cyber Defense Center for the Americas (CDC), which is tasked with the primary mission to detect, analyze, investigate, and defend against sophisticated digital attacks.
In this position, the Cyber Security Analyst will report to the Head of the Cyber Defense Center for the Americas and be part of the Threat Detection and Analysis team. The Cyber Security Analyst will work alongside peers, actively contribute to alert triage and investigations, and provide input on different approaches to threat detection and response.
What will you do?
The analyst will be expected to contribute to the following activities:
• Correlate actionable security events from various log sources which either feed or supplement the Security Information and Event Management (SIEM) solution
• Review threat data from various sources, and develop custom signatures for open source Intrusion Detection Systems (IDS) or other custom detection capabilities
• Perform network traffic analysis
• Employ advanced forensic tools
• Utilize understanding of attack signatures, tactics, techniques and procedures associated with advanced threats
• May conduct malware analysis of attacker tools providing indicators for enterprise defensive measures, and reverse engineer attacker encoding protocols
• Interface with remote team members located across the globe
What will you need to succeed?
• Associate degree in Computer Science/Engineering, Information Technology, or a related field required; Bachelor’s degree preferred
• 5+ years of successful work experience in IT technologies including networking, operating systems, or a related field
• Knowledge of networking protocols (such as TCP, UDP, DNS, FTP, SMTP, DHCP, etc.)
• Knowledge of Windows operating system functionality (file system structure, registry keys, scheduled tasks, processes, services, memory management, data storage, etc.)
• Capable of learning new concepts and processes quickly, and adapting to a constantly changing environment
• Ability to apply an advanced skill set to resolve complex problems
• Excellent analytical and critical thinking skills
• Excellent interpersonal and communication skills (verbal & written)
• Team player
• Required Travel: <10%
Preferred Knowledge/Skills, Education, and Experience:
The following knowledge/skills, education, and experiences are preferred:
• Experience managing an investigation; understanding the methodologies for investigative triage, case/investigation definition, etc.
• Application of common Cyber Security concepts including Intrusion Detection Systems, Host Intrusion Prevention Systems, and Anti-Virus Solutions
• Understanding of the Windows File System structure, and ability to recover deleted files, search hidden files, and access registry keys
• Knowledge of Operational Security (OpSec) principles for cyber operations with an emerging understanding of the relationships between the cyber domain disciplines
• Ability and experience capturing and analyzing volatile (in-memory) data
• Experience with network signature development with tools such as Snort, NetFlow, Wireshark, tcpdump or related tools
• Experience with central log collection, indexes, searching and analysis
• Ability to interpret logs in the context of security events/intrusions and make accurate conclusions
How to apply?
We are looking forward to receiving your online application. Please ensure you complete all areas of the application form to the best of your ability, as we will use this data to review your suitability for the role.
Company: Siemens Servicios S.A. de C.V.
Experience Level: Experienced Professional
Job Type: Full-time