Cyber Security Incident Response Analyst - IT
P&G is transforming its Information Security organization to address the shifting cybersecurity landscape and we want you to be a part of this exciting journey.
Are you ready to join our Cyber Security Incident Response Team, whose mission is to reduce risk for P&G by providing rapid, accurate, and effective identification, containment, and remediation of cyber intrusions into the P&G network? As a Cyber Security Investigator (CSI), you will work in a high-impact, mission-critical network security environment, providing technical expertise and leadership to cyber security investigations. The CSI will utilize a deep understanding of the P&G network, current intrusion detection technology, and firewall logging and settings, coupled with alerts from ArcSight SIEM and other monitoring capabilities, to perform:
• Incident Response
• Network surveillance
• Data mining and data manipulation, and
• Consulting for the P&G internal and external network team
This is a full-time position located in Cincinnati, Ohio.
You will conduct deep technical investigations, resulting in successful root cause analysis of intrusions and enhancement of technical controls and other risk reduction methodologies. Additionally, you will provide support in the evaluation and operational implementation of new analysis tools, processes, vendors, and products. Duties may include:
• Leading incident investigations
• Conducting incident analysis – data collection, intrusion analysis, forensics, remediation
• Employing advanced forensic tools
• Performing network traffic analysis
• Reviewing threat data from various sources and developing custom signatures for Open Source Intrusion Detection Systems (IDS) or other custom detection
• Correlating actionable security events from various sources including Security Information Event Management (SIEM) system data and developing unique correlation techniques
• Utilizing understanding of attack signatures, tactics, techniques and procedures associated with advanced threats
• Conducting malware analysis of attacker tools, providing indicators for enterprise defensive measures, and reverse engineering attacker encoding protocols
• Interfacing with external entities in an operational environment
• Documenting investigation activities to provide enhanced intelligence to the team and other cyber security activities inside P&G
• Performing the full range of standard work described above and applying advanced skills to resolve complex problems.
• Ability to thrive and effectively prioritize and execute tasks in high-stress environments.
• Strong analytical skills, able to leverage complex data to identify opportunities, recognize problems, and draw logical conclusions.
• Ability to produce and present technical information to both technical and non-technical personnel.
• Good temperament, ability to manage stressful situations. Ability to provide customer-facing support in a professional manner.
• Teamwork: establish and maintain effective and appropriate working relationships with those contacted during the work day.
• Ability to build capability in other analysts through on-the-job training and knowledge sharing.
Technical Competencies and Experience
Technical certification, strong knowledge and experience in the following is highly desired:
• Preferred Certifications: CISSP, MCSE, CCNA, CompTIA Security+, GIAC Security Essentials, CERT
• Working experience with Linux/UNIX system administration, along with network (router and switch), Web server, firewall, or DNS administration
• Working experience with various IDS/IPS, NetFlow, and protocol collection and analysis tools such as Snort, Suricata, Bro, Argus, SiLK, tcpdump, Wireshark, McAfee IntruShield and ePolicy Orchestrator (EPO)
• Deep technical experience with various log aggregation and SIEM tools such as ArcSight or Splunk
• Working experience with vulnerability assessment and penetration testing tools such as Metasploit, CORE Impact, Immunity Canvas, or Kali Linux
• Working knowledge of entire TCP/IP or OSI network protocol stack, including major protocols such as IP, Internet Control Message Protocol (ICMP), TCP, User Datagram Protocol (UDP), Simple Mail Transfer Protocol (SMTP), Post Office Protocol 3 (POP3), Hypertext Transfer Protocol (HTTP), File Transfer Protocol (FTP), and SSH
• Working knowledge of popular cryptography algorithms and protocols such as Advanced Encryption Standard (AES), Rivest, Shamir, and Adleman (RSA), Message Digest Algorithm (MD5), Secure Hash Algorithm (SHA), Kerberos, Secure Sockets Layer/Transport Layer Security (SSL/TLS)
• Experience with programming and scripting languages and text manipulation tools such as Perl, Ruby, and Python
• Knowledge of Windows and other Operating Systems and work with media forensics and analysis tools such as AccessData FTK or EnCase Forensics.
• Malware reverse engineering knowledge of assembly code in Intel x86 and other popular architectures, malware analysis frameworks such as ThreatTrack ThreatAnalyzer and FireEye AX, and various utilities that aid in malware analysis, such as SysInternals, and tool suites used to decompile and examine malware
• Bachelor’s degree in Information Systems, Information Technology (IT), Computer Science, Engineering, or other technical/IT field or at least 5+ years of relevant experience
• In-depth knowledge and expertise in collecting, analyzing, and escalating security events; responding to computer security incidents, and/or collecting, analyzing, and disseminating cyber threat intelligence.
• Available to work off hours during the evenings and weekends as required, sometimes with little advance notice.
• The hired applicant must have, or be willing to obtain within 1 year, the Certified Information Systems Security Professional (CISSP) certification. P&G provides study preparation and exam cost coverage.
• Must be willing to work from the Cincinnati Procter & Gamble office location
All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, protected veteran status, disability status, age, sexual orientation, gender identity and expression, marital status, citizenship, HIV/AIDS status or any other legally protected factor.
Immigration sponsorship is not available for this position. Applicants for U.S. based positions are generally required to be eligible to work in the U.S. without the need for current or future sponsorship. Except in rare situations based on Procter & Gamble's sole discretion, Procter & Gamble does not sponsor candidates for permanent residency. Any exceptions would be based on the Company's specific business needs at the time and place of recruitment as well as the particular qualifications of the individual.
Procter & Gamble participates in E-Verify as required by law.
Qualified individuals will not be disadvantaged based on being unemployed.