Senior Analyst-Security Operations Center
The Senior Cyber Threat Defense Operations Analyst serves as a Tier 3 Analyst and a member of the Bunge Global Cyber Threat Defense and Security operations team. In this role, the individual is a member of a team that is responsible for all Cyber Defense operational activities that serve to protect the confidentiality, integrity and security management of business and employee information and systems. The employee will be expected to perform structured and unstructured tasks associated with proactive identification and remediation of suspicious network and host-based activity, providing risk management recommendations; vulnerability management; security event and threat monitoring and reporting; intrusion, malware and inappropriate use detection; secure applications performance; effective implementation of policy, standards and controls; and incident response.
The candidate should have significant, demonstrated skills in TCP/IP protocols, malware analysis, reverse code engineering, and computer forensics. A formal, certified forensics background is considered a plus. The candidate should display strong technical depth that spans PC and server software, application and custom code. A solid background in understanding modern computing vulnerabilities, attack vectors and exploits is required. Conduct incident investigations, including intrusions and illegal software usage. Provide management with a clear understanding of current operational events and their impact on the network and business, and make sound remediation recommendations.
Expertise (7+ years) with the SPLUNK, Fidelis and Carbon Black tool suites is required. Ability to perform high-quality work, work with minimum supervision, and deliver results in a timely manner. Provide data and analysis in support of regular metric reporting demonstrating business value directly associated with proactive analysis. Enable compliance with laws and regulations. Mentor junior and peer SOC analysts in proper incident handling techniques and specific tools and techniques.
- Partner with Bunge OpCo security leaders and the security SSC team to function as a contributing member of a global cyber defense team for Bunge in order to safeguard the company's interests, intellectual property and information systems.
- Conduct cybersecurity activities to collect, store, correlate, analyze, identify and respond to security data derived from sensors (e.g., IDS/IPS), logs from the above security tools/technologies, and incident reports.
- Implement, configure, and optimize the detection and reporting capabilities of company’s security tool suite.
- Collect and analyze intrusion artifacts (e.g., source code, malware) and use discovered data to enable mitigation of potential incidents.
- Coordinate with intelligence analysts to correlate threat assessment data.
- Serve as technical expert and support liaison to law enforcement personnel and explain incident details.
- Conduct rapid incident response activities and cyber event investigations.
- Conduct risk assessments and network vulnerability assessments in partnership with GRC Security Manager. Document and prioritize all remediation recommendations and document and manage exceptions.
- Serve as an internal information security consultant to the organization. Support System Operations and Systems Development, as required, to ensure information security policy, standards and controls are planned for and effectively implemented.
- Conduct root cause analysis of real or suspected security incidents and identify cause and recommended corrective actions.
- Provide and/or contribute to the development of annual and ad-hoc information security evaluations and performance reports to be shared with the Information Security Working Group and other executive leadership, as required.
- Demonstrated expertise with core Cyber Defense Operations platforms: SPLUNK, Carbon Black, Fidelis.
- Provide Information Security status and risk reports according to defined and agreed schedules.
- Compliance with regulatory and legal requirements of Bunge globally in operating the SOC.
- Respond to and support “after hours” incident response.
Skills and Experience:
- Minimum of 7 years of direct experience in Cyber Security, SOC operations, Incident Response, and Security tool integration & operations is required.
- Master’s or Bachelor’s degree in computer science, information systems, engineering, business administration or a related field is required.
- Must have one or more certifications such as GSEC, GCIA, CEH, CISCO.
- Scripting knowledge in Perl, PHP, ASP or Java with recent and basic programming experience.
- 4+ years direct experience with Splunk, Fidelis, Firewall and IDS/IPS technologies.
- Experience with malware reverse engineering.
- Minimum of 2 years of experience in a compliance-oriented industry is preferred.
- Advanced understanding and demonstrated technical skills and abilities in the information security domain.
- Ability to conduct analysis of multiple data sources and provide assessment on the relationship between threats, vulnerability and information value in the context of risk management for the company.
- Bi-lingual/Multi-lingual candidates preferred: Spanish, Portuguese, German, French as a second language.
- Good understanding of risk-based decision-making (i.e., risk analysis, mitigation, resolution, acceptance).