Sr. Cyber Security Analyst (EDR)

Job Description

Overview

The Sr. Cybersecurity Analyst is expected to possess a high level of knowledge and experience in various security domains and technologies.

This skillset will enable them to work as part of the Security Operations Center (SOC), providing security monitoring and protection services to our SIEM and MEDR customers.

They will be tasked primarily with the analysis of security events, having the responsibility to provide 'tier 2' investigation support.

Secondarily, this position will contribute to the lifecycle ownership of managed security services, including new customer onboardings and operational support.

This position will work closely with the Security Operations Center manager, peer analysts, engineers, and other teams within the All Covered / Konica Minolta ecosystem to accomplish these goals.

Responsibilities

• Lead security incident investigations, conducting in-depth technical analysis (including host and network-based forensics)
• Evaluate security solutions and monitor various Security blogs, alerts and notifications, RSS feeds and forums in order to keep abreast of the latest security news, attacks, threats, vulnerabilities and exploits
• Review and analyze data and network traffic from numerous security tools such as full packet captures and security device logs in order to detect traffic anomalies, identify infected systems and determine lateral movement of infections across the network
• Contribute to incident response, maintaining relevant communication in emails, ticket summaries, analysis and reporting.

Work with Incident Handlers to provide recommendations for remediation of compromised systems and any relevant counter-measures

• Perform malware analysis, identify areas of persistence on user devices and detect indicators associated with malware or specific Advanced Persistent Threat (APT) techniques
• Review, create or document standard operating procedures, recommendations, project specific documents and resource guides as needed

Qualifications

• Minimum 5 years' experience in the Cyber Security field, with senior level experience analyzing and responding to alerts from a SIEM & EDR platform.
• 2-3 years' experience administering & providing operational support in security disciplines (e.g. incident response, threat hunting, investigations, security infrastructure management, or monitoring services)
• 1+ years experience in content management work (e.g. develop custom detection rules, custom integrations, developing scripts, etc)
• SentinelOne experience is highly preferred
• Industry standard information security and incident response certifications (CISSP, GCIA, GCIH, GREM, etc) are a plus.
• Memberships and participation in relevant professional associations.
• In-depth knowledge of network intrusion methods, network containment and segregation techniques
• In-depth knowledge of operating systems (Windows & UNIX, Mac OS X a plus)
• Expert understanding of TCP / IP networking, routing protocols and full packet capture analysis
• In-depth network security expertise including firewall, IDS and IPS
• Experience building baselines of network activity for use in anomaly detection
• Experience with proactive threat hunting techniques and concepts in an enterprise environment.
• Experience with reviewing raw log files, data correlation, and analysis (i.e. firewall, network flow, IDS, system logs)
• Knowledge of typical behaviors of both malware and malware authors
• Static and dynamic malware analysis experience
• Experience using and writing custom signatures for IDS
• Digital forensics experience focusing on Windows systems from a malware perspective
• Knowledge of enterprise systems and infrastructure
• Proven understanding of log parsing and analysis at a large scale with data clustering tools or techniques
• Experience with a scripting language such as Perl, Ruby, Python, and BASH

People skills :

• Ability to coordinate, work with and gain the trust of business stakeholders, technical resources, and third-party vendors.
• Able to work under pressure in time critical situations.

Process Skills :

• Strong attention to detail in conducting forensic analysis combined with an ability to accurately record full documentation in support of the investigation.
• Detailed knowledge of current international best practices in the incident response arena.

Communication Skills :

• Excellent written and verbal communication skills are required.
• Ability to communicate effectively with business representatives in explaining impacts and strategies and where necessary, in layman's terms.

About Us

Konica Minolta's journey started 150 years ago, with a vision to see and do things differently. We innovate for the good of society and the world.

The same purpose that kept us moving then, keeps us moving now. Konica Minolta Business Solutions U.S.A., Inc. is reshaping and revolutionizing the workplace to achieve true connectivity through the Intelligent Connected Workplace .

The company guides and supports its clients' digital transformation through its expansive office technology portfolio, including IT Services ( All Covered ), intelligent information management, managed print services and industrial and commercial print solutions.

Konica Minolta has been included on CRN's MSP 500 list nine times and The World Technology Awards named the company a finalist in the IT Software category.

Konica Minolta has been recognized as the #1 Brand for Customer Loyalty in the MFP Office Copier Market by Brand Keys for sixteen consecutive years, and is proud to be ranked on the Forbes 2021 America's Best-in-State employers list .

The company received Keypoint Intelligence's BLI 2021 A3 Line of The Year Award and BLI 2021-2023 Most Color Consistent A3 Brand Award for its bizhub i-Series .

Konica Minolta, Inc. has been named to the Dow Jones Sustainability World Index for nine consecutive years and has spent six years on the Global 100 Most Sustainable Corporations in the World list .

Konica Minolta partners with its clients to give shape to ideas and works to bring value to our society. For more information, please visit us online and follow Konica Minolta on Facebook , YouTube , LinkedIn and Twitter .

EOE Statement

Konica Minolta is an equal opportunity and affirmative action employer. We consider all qualified applicants for employment without regard to race, color, religion, creed, national origin, sex, pregnancy, age, sexual orientation, transgender status, gender identity, disability, alienage or citizenship status, marital status or partnership status, genetic information, veteran status or any other characteristic protected under applicable law.