Cyber Security Analyst II

Horizon BCBSNJ employees must live in New Jersey, New York, Pennsylvania, Connecticut or Delaware

Job Summary:

The Cyber Security Analyst II supports a 24/7/365 Security Operations Center (SOC) and provides 2nd Tier analysis and response to security events. Actively prepares for, and hunts for, malicious internal and external threats as a part of our cyber incident response program in the Security Operations Center (SOC). CSA II will analyze malware, emerging threats and emerging risks. The role will report to the Manager, Cyber Security.

Responsibilities:

• Performs daily incident detection and response operations. The CS Analyst II will be responsible for monitoring, investigating, researching and analyzing the intrusion and developing prevention tools and systems. Monitoring and scanning servers for intrusion.
• Audit and review security and audit logs for firewall, IPS, IDS, Wireless, IdM, SPAM, Internet, content filtering, WAN/LAN routers, wireless AP's and servers, as e-mail activity. Utilize tools to analyze attack patterns, inappropriate / out of policy activity, or access misuse. Report all violations to the appropriate personnel for review and corrective action.
• Analyzes and escalates (as appropriate) relevant Information Security Event information. Takes action to handle high severity issues including escalating to other business areas as necessary and providing potential resolution or areas of improvement.
• Triage the incident details and provide support to Business Managers.
• Analyze events from a response perspective: apply skill and judgment to determine if escalations are warranted.
• Specializes in network and/or host analysis, and/or malware analysis, and/or log-centric analysis
• Clearly and concisely document observations. The CS Analyst will be responsible for creating and maintaining reports on performance Indicators and weekly and Monthly Metrics in order to maintain historical records and identify trends, etc.
• Collaborates with peers to implement changes to analysis tools as required, including inclusion of log sources/types and refinement of alerts/signatures
• Work with HR and SIU as necessary to provide additional details for escalated cases as necessary.
• Technical consultant for the IT department to plan, implement and support new and existing security technologies; Serve as an expert in technical field of knowledge.

Disclaimer:

This job summary has been designed to indicate the general nature and level of work performed by colleagues within this classification. It is  not designed to contain or be interpreted as a comprehensive inventory of all duties, responsibilities, and qualifications required of colleagues assigned to this job.

Qualifications:

• High School Diploma/GED required
• Bachelor degree preferred or relevant experience in lieu of degree
• 5-7yrs Cyber security related work experience.
• Minimum 1 year prior experience detecting/responding to cyber incidents or similar

Additional Requirements:

• 5-7 years' experience with Intrusion Event Systems (IDS) analysis or with host forensics (timeline analysis, registry analysis, etc.) or with network forensic tools & techniques and memory forensic tools and techniques

Additional licensing, certifications, registrations:

• Certified in one or more of the following: HCISPP, SANS GIAC (GCIH, GCIA, GMON, GCED, GCDA, GPEN, etc.), CEH, or technology specific (proxy, data loss prevention, firewall, etc)
• SPLUNK highly preferred
• Knowledge:
• Requires an excellent understanding of IT security concepts with an emphasis on advanced detection, digital forensics and response
• Requires excellent knowledge of IT and computer systems
• Demonstrated experience with Windows and/or Linux operating systems and
• Demonstrated understanding/familiarity with networking fundamentals including subnetting, TCP/IP, protocols such as SSL, DNS, http, etc.)

Desired skills:

• Familiarity with scripting / programming (Python, Powershell etc.)
• Malware analysis & reverse engineering skills are a plus
• An understanding of APT, cyber-crime, botnets and associated Tools, Tactics and Procedures
• Strong verbal and written communication skills
• Experience with IDS, Network Forensics, Network Security Monitoring (NSM) and netflow tools and analysis
• IT infrastructure background including familiarity with the following:
• Networking (TCP/IP, UDP, Routing)
• Applications (HTTP, SMTP, DNS, FTP, SSH, etc.)
• System/Application vulnerabilities and exploitation
• Operating systems (Windows, *Nix, and Mac)
• Skills and Abilities:
• Requires exceptional analytical thinking skills or Excellent analytical and problem solving skills
• Requires excellent verbal and written communication skills
• Requires excellent interpersonal skills and the ability to work effectively with others as a team
• Requires excellent PC skills and demonstrated proficiency with MS Office Suite
• Requires the ability to handle multiple tasks and prioritize effectively
• Detail oriented and excellent organizational, time and stress management skills
• Ability to work well individually as well as in a team environment
• Self-starter with demonstrated ability to make decisions

Travel (If Applicable):

Salary Range:

$94,900 - $129,570

​This compensation range is specific to the job level and takes into account the wide range of factors that are considered in making compensation decisions, including but not limited to: education, experience, licensure, certifications, geographic location, and internal equity.  This range has been created in good faith based on information known to Horizon at the time of posting.  Compensation decisions are dependent on the circumstances of each case. Horizon also provides a comprehensive compensation and benefits package which includes:

• Comprehensive health benefits (Medical/Dental/Vision)

• Retirement Plans

• Generous PTO

• Incentive Plans

• Wellness Programs

• Paid Volunteer Time Off

• Tuition Reimbursement

Horizon Blue Cross Blue Shield of New Jersey is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, protected veteran status or status as an individual with a disability and any other protected class as required by federal, state or local law.  Horizon will consider reasonable accommodation requests as part of the recruiting and hiring process.