Cyber Defense Analyst II
AIG
American International Group, Inc, (AIG), is a global insurance organization providing a range of insurance and other financial services. Get to know us better.
Position Description:
A cyber defense analyst will be responsible to execute a range of threat discovery duties including advanced SIEM analytics, packet analysis and digital forensics. This person will work as part of a team that conducts investigations into potential and actual cyber-attacks affecting AIG’s global business units, lines of business, or information technology infrastructure.
Position Responsibilities:
• Analyze reports, dashboards, and alerts to provide operational oversight of the security posture of the enterprise environment.
• Monitor and address all service tickets and digital correspondence coming into the queue(s) and engage resources as appropriate to resolve any outstanding issues.
• Support peers and senior personnel with documentation and metrics in a force multiplier role.
Minimum Requirements (Knowledge, Skills, and Abilities):
• Malware & Hacking Analysis - General knowledge of malware + worm + virus trends and behavior and the ability to work with teams to execute eradication procedures. Ability to identify various tactics, techniques and procedures and familiarity with sandbox detonation and interpreting results.
• Network & Packet Analysis - Ability to create a PCAP for network traffic using on-prem tools, interpret packet header information, and trace host & user network behavior using on-prem tools.
• Phishing Triage - Ability to analyze message headers and identify actionable indicators for remediation. Conduct research & correlation analysis on domain registrations and familiarity with sandbox detonation and interpreting results.
• Project Management - Ability to complete a project action item.
• SIEM Support - Ability to conduct temporal analysis on a given data field.
• Threat Intelligence - Contextualize threat intelligence reports and create indicators and demonstrate proficiency in attribution research using 3rd-party or on-prem tools.
Experience:
Minimum of one (1) year of experience in Information Security, and at least one (1) year of practical experience in a Security Operations Center (SOC) environment and/or experience with security monitoring, event and anomaly analysis and intrusion detection/prevention.
Formal Education & Certification:
** NOTE: An equivalent combination of experience, education and/or training may be substituted for the listed requirements.
Working Conditions:
The analyst will be expected to perform shift work as part of a 24x7 global team, occasionally requiring weekend and off-hours work.
'/%3e%3cpath%20d='M101.744%2012.4726L102.894%2016.1947L99.0021%2013.2201L101.744%2012.4726ZM105.3%208.40937H100.488L99.0026%203.59473L97.5116%208.41047L92.7%208.40385L96.5965%2011.3834L95.1055%2016.1942L99.0021%2013.2196L101.408%2011.3834L105.3%208.40992V8.40937Z'%20fill='white'/%3e%3cdefs%3e%3clinearGradient%20id='paint0_linear_5593_1381'%20x1='90'%20y1='9.44471'%20x2='99'%20y2='9.44471'%20gradientUnits='userSpaceOnUse'%3e%3cstop%20stop-color='%2300AD70'/%3e%3cstop%20offset='0.998594'%20stop-color='%2300B67A'/%3e%3cstop%20offset='1'%20stop-color='%23DCDCE6'/%3e%3c/linearGradient%3e%3c/defs%3e%3c/svg%3e){kind=small}
job faster
