Description The Cyber Defense Analyst III will support one or more of the following areas, as follows: Detection Responsible for performing triage of security events that are escalated to the team. This role involves following established processes and procedures to observe events, collect additional data necessary to assess the threat, and escalate or refute the event as needed.
Primary Responsibilities: ??? Monitor and respond to events escalated through the Security Information and Event Management (SIEM). ??? Interface with CME Group employees that are reporting security issues through established communication channels. ??? Document security events in Incident Tracking System. ??? Provide support for Junior Analysts in validation and assessment of security events. ??? Assist with documentation and creation of new event monitoring and triage processes. ??? Involved in creating new detection measures and working with other CDT functions on proactive threat hunting engagements. Personal Attributes: Response Responsible for performing validation of escalated security events and performing incident response per established processes and procedures. This includes both performing technical analysis of security issues as well as handling documentation and project management aspects of incident response. The Responder will lead low and medium severity incidents, as well as assist with analysis tasks associated with high severity incidents. Primary Responsibilities: ??? Act as lead incident handler for low and medium severity incidents and assist with analysis of high severity incidents. ??? Perform technical analysis of multiple sources of data, including network flows/packet data, host forensic artifacts, and application/system logs. ??? Manage incident communications, including establishing/scheduling bridge lines and periodic incident update calls. ??? Document incident tasks and updates in the incident management system. ??? Assist with training and mentoring of junior incident responders.
Forensic Provides forensic collection and analysis services in support of HR and Legal matters, as well as on behalf of security incidents. In this role, the analyst will support evidence preservation, data collection, documentation, and structured analysis of forensic data. Primary Responsibilities: ??? Forensically collect and preserve evidence from end user systems, servers, network data repositories, and other log repositories as required. ??? Create forensic images of RAM, Hard Disks, and unstructured log data. ??? Complete required documentation during the collection of forensic data. ??? Perform structured analysis of forensic artifacts. ??? Test forensic tools for accuracy and identify useful artifacts that may not be supported by an existing tool. ??? Develop tools to parse new artifacts, or to automate existing forensic processes. ??? Assist with training and mentoring of junior forensic analysts.
SKILLS & SOFTWARE REQUIREMENTS (ALL) ??? Strong customer-service orientation. ??? Strong analytical and troubleshooting skills ??? High level critical thinking skills. ??? Excellent written and oral communication skills. ??? Excellent listening and interpersonal skills. ??? Ability to communicate ideas in both technical and user-friendly language. ??? Ability to conduct research into network/security issues and products. ??? Comfortable working in a dynamic environment with multiple goals. ??? Highly self-motivated and directed, with keen attention to detail. ??? Able to prioritize and execute tasks in a high-pressure environment. ??? Experience working in a team-oriented, collaborative environment. ??? Ability to deal diplomatically and effectively at all levels of the organization including both technical and non-technical, management and senior leadership
Professional Experience: ??? 3-5 years of experience (typical) in Information Security. ??? Successful candidates should be able to demonstrate a passion for information security through course work/degrees completed, self-study, and/or certifications that have been completed.
Formal Education & Certifications ??? BA/BS in Engineering, Computer Science, Information Security, or Information Systems or related work experience ??? CISSP, GSEC, GCIH, GCFE, GCIA, GMON (or related experience)
CME Group: Where Futures Are Made
CME Group (www.cmegroup.com) is the world's leading derivatives marketplace. But who we are goes deeper than that. Here, you can impact markets worldwide. Transform industries. And build a career shaping tomorrow. We invest in your success and you own it, all while working alongside a team of leading experts who inspire you in ways big and small. Joining our company gives you the opportunity to make a difference in global financial markets every day, whether you work on our industry-leading technology and risk management services, our benchmark products or in a corporate services area that helps us serve our customers better. With 3,500 employees located around the world, we're small enough for you and your contributions to be known. But big enough for your ideas to make an impact. The pace is dynamic, the work is unlike any other firm in the business, and the possibilities are endless. Problem solvers, difference makers, trailblazers. Those are our people. And we're looking for more.