Cybersecurity Analyst - (IR)

At Nielsen, we are passionate about our work to power a better media future for all people by providing powerful insights that drive client decisions and deliver extraordinary results. Our talented, global workforce is dedicated to capturing audience engagement with content - wherever and whenever it’s consumed. Together, we are proudly rooted in our deep legacy as we stand at the forefront of the media revolution. When you join Nielsen, you will join a dynamic team committed to excellence, perseverance, and the ambition to make an impact together. We champion you, because when you succeed, we do too. We enable your best to power our future.
About Job:Nielsen is the industry’s most trusted data analytics solution for video content across all platforms and devices. We follow modern security practices to uphold the privacy and security of all our data and systems.
We are currently looking for a talented Cybersecurity Analyst interested in joining our Cyber Security Incident Response team.  In this role you will be investigating, responding to, and triaging threats and incidents while helping to improve our overall security capabilities. This role needs to be able to communicate and collaborate professionally with other members of the organization from end users to senior management in order to resolve these threats.
Nielsen provides all its employees with opportunities for education & training, including reimbursement for certification or degree programs and the chance to attend training conferences. We also provide an unlimited PTO program and advancement opportunities along a technical or managerial path of your preference.

Responsibilities:

• Perform host/network based forensic investigations to collect and preserve evidence related to incidents.
• Managing incoming queues of detection alerts, threat reports and security incidents.
• Interact with our Managed Security Service Provider (MSSP) to investigate and resolve issues.
• Prioritizing and triaging competing incidents to maintain Service Level Agreements (SLA).
• Managing investigations including escalation, organizing unstructured work and engaging resource teams across the company.
• Managing urgency and visibility to ensure timely response by all involved parties.
• Owning an incident for it’s full lifecycle, including after action reviews and follow up actions.
• Communication and coordination with other cyber security professionals,  internal teams, and law enforcement agencies as needed to address incidents and threats.
• Maintain current knowledge of tools and best-practices in advanced persistent threats; tools, techniques, and procedures of attackers; and forensics and incident response.
• Create and maintain documentation including incident response plans, standard operating procedures, and knowledge base articles.
• Rotating on-call coverage

A little about you:

• Strong problem solving abilities that help to drive forward incidents to completion and help keep Nielsen secure.
• Your effective communication skills helps in collaborating with key stakeholders, and for translating technical jargon into understandable terms.
• It is important that you stay current on new attack vectors, technologies, tools, and best practices as they change over time.
• You have an open mind and a keen eye for details to detect anomalies and potential security issues others may overlook.
• A true passion for cybersecurity and a commitment to safeguarding an organization from threats.

Qualifications:

• Bachelor’s degree or 1-2 years relevant cybersecurity experience preferred.
• Experience with Cybersecurity Incident Response, Digital Forensics, Timeline Analysis or related.
• Experience or knowledge of current information security solutions and technologies, including cloud, network and host based products.
• Effective and efficient investigative skills across multiple technologies.
• Excellent verbal and written communication skills including a focus on providing continuous, proactive communications to management, peers, and stakeholders while working on incidents.
• Ability and willingness to continually learn and hone cybersecurity skills.
• Cybersecurity certifications preferred (e.g. CISSP, Sec+, SANS/GIAC).
• Familiarity with Python and Powershell a plus.
• Experience automating tasks via scripting or other tools (Tines,or similar SOAR)  a plus.

Technologies you may work with include:

• Security Incident and Event Management (Devo, Splunk, or similar).
• Network Intrusion Detection Systems (OSSEC, Juniper, Palo Alto, or similar).
• Endpoint detection and response (CrowdStrike, Defender, or similar).
• Enterprise level E-Mail security (Google, O365, or similar).
• Digital Forensics and Incident Response tools (Cado, EnCase, FTK, or similar).
• Most operating systems (Windows, Linux, MacOS).
• Public cloud/PaaS (e.g. AWS, GCP, Azure).
• Virtualization and Containers (VMware, Docker, Kubernetes, or similar)