Sr Analyst - Cyber Security

Job Description:

Position Overview

The primary responsibility of the Senior Analyst – Cyber Security is to provide expert analysis and respond to events and incidents escalated from SOC Analyst Level 2. The role also assists with the tuning of cyber security appliances and provides expert guidance to the SOC team.  This team member is considered a SOC subject matter expert.
 

All duties are to be performed in accordance with departmental and Las Vegas Sands Corp.’s policies, practices, and procedures. All Las Vegas Sands Corp. Team Members are expected to conduct and carry themselves in a professional manner at all times. Team Members are required to observe the Company’s standards, work requirements and rules of conduct.

Essential Duties & Responsibilities

• Conduct in depth analysis and respond to alerts from security appliances.

• Quickly respond to escalated email events including phishing and malware.

• Ability to conduct deep packet inspection and articulate findings.

• Invoke event and incident response as needed.

• Prepare event and incident documentation as needed

• Work closely with all Global SOC team members, Information Technology, business units, and management.

• Quickly determine which alerts escalated to you from a Level 2 SOC Analyst need immediate action and which alerts to wait and watch.

• Monitor, evaluate, and assist with the maintenance of assigned security systems in accordance with industry best practices to safeguard internal information systems and databases.

• Maintain an expert understanding of vulnerabilities, response, and mitigation strategies used to support cyber security operations.

• Responsible to provide metrics and reports on data as assigned.

• Perform job duties in a safe manner.

• Attend work as scheduled on a consistent and regular basis.

• Performs other related duties as assigned.

Minimum Qualifications

• At least 21 years of age.

• Proof of authorization to work in the United States

• Bachelor's degree in MIS or similar technical program or acceptable industry and work experience.

• Must be able to obtain and maintain any certification or license, as required by law or policy.

• 5+ years’ experience configuring and working with information technology systems.

• 2+ years of Security Operations Center experience.

• Technical Certifications: Current, relative industry certifications and continuing education.

• Must be able to work collaboratively with the global team.  This position will work with Level 1 and Level 2 analysts, Information Technology, business units, and with various levels of management regularly.

• Ability to quickly ascertain the nature of alerts, events, or incidents brought to your attention and calmly formulate and communicate a plan for response.

• At least three years’ experience identifying and responding to alerts and anomalous activity.

• Demonstrate ability to create and write concise reports.

• Ability to prepare and present information to Senior Management.

• Expert understanding of network traffic, i.e., Transmission Control Protocol/Internet Protocol (TCP/IP), Internet traffic, and mail.

• Expert understanding of network protocols, network devices, multiple operating systems, websites, databases, applications and operating systems.

• Expert technical knowledge of mainstream operating systems and a wide range of security technologies, such as network security appliances, anti-malware solutions, automated policy compliance tools, and desktop security tools.

• Experience using, configuring, installing, and tuning information security applications and appliances.

• Hands-on experience with McAfee security suite or similar.

• Hands-on experience with industry best practice surveillance tools for networks, hosts, databases, applications and operating systems.

• Expert understanding of encryption technologies and their configuration.

• Expert understanding of cyber threats and the associated tactics, techniques, and procedures used to infiltrate computer networks.

• Thorough understanding of alerts from many different security and network sources with the ability to quickly ascertain their relevance and actionable steps.

• Working knowledge of one of the following platforms is preferred: IBM iSeries, Linux, or MS Windows.

• Ability to quickly assess network activity and system configuration for anomalous activity to determine system security status.

• Mentor and assist team members when necessary. Be able to work in a collaborative team environment. 

• Strong interpersonal skills with the ability to communicate effectively and interact appropriately with management, other Team Members and outside contacts of different backgrounds and levels of experience.

• Must be able to work varied shifts, including nights, weekends and holidays.

Physical Requirements

Must be able to:

• Physically access assigned workspace areas with or without reasonable accommodation.

• Work remotely as necessary

• Work indoors and be exposed to various environmental factors such as, but not limited to, CRT, noise, and dust.

• Utilize laptop and standard keyboard to perform essential functions of the job.