Deloitte Cyber Risk Managed Threat Services Level 2 Analyst in Mechanicsburg, Pennsylvania
Managed Threat Services Level 2 Analyst
Are you interested in improving the cyber risk protection of leading companies? If your response is yes, consider joining Deloitte & Touche LLP s growing Cyber Risk Data Managed Threat Services practice. Our MTS analysts and engineers assist our clients with identifying unauthorized activities and intrusions in their networks in real time.
Work you'll do
The Managed Threat Services Level 2 Analyst conducts network analysis of targets, operates daily open source research, resulting in various reports and alerts, and possesses extensive knowledge on network, endpoint, threat intelligence, as well as the functioning of specific applications or underlying IT infrastructure, and has some experience with forensics tools, malware analysis, closely involved in developing, tuning and implementing threat detection analytics.
Work with alerts from the Level 1 SOC Analysts, to perform in depth analysis and triage of network security threat activity based on computer and media forensics, malicious code analysis, and protocol analysis
Follows client-and-incident-specific procedures to perform basic triage of said potential security incidents to determine their nature and priority and eliminating obvious false positives, process health alerts, and process requests for information
Documents all actions taken in a ticketing system
Maintaining awareness of the client s technology architecture, known weaknesses, the architecture of the security solutions used for monitoring, imminent and pervasive threats as identified by client threat intelligence, and recent security incidents
Continually improve the service by identifying and correcting issues or gaps in knowledge capital (analysis procedures, playbooks, client network models), identifying and recommending new or updated tools, content, countermeasures, scripts and plug-ins
Perform threat hunting based on emerging IOCs or Vulnerabilities.
Serve as a subject matter expert in at least one security-related functional area (e.g. specific malware solution, python programming, digital forensics, etc)
Seek self-improvement and enhanced value by documenting a self-education roadmap and pursuing advancement to a Level 3 Analyst or Hunter
Adheres to internal operational security and other Deloitte policies
Advanced analysis of the results of the monitoring solutions, asses escalated output from Level One Analysts
Web hunting for new patterns/activities
Ad Hoc Content development and testing
Provides advice and guidance on the response action plans for information risk events and incidents based on incident type and severity
Ensures that all identified events are promptly validated and thoroughly investigated
Provides intermediate event analysis, incident detection, and escalation to Level 3 Analyst or SOC Manager using documented procedures
When necessary, and with the SOC Managers approval, devise and document new procedures
Assist the Shift Lead and fulfill Shift Lead responsibilities in his/her absence
Develop and implement IDS signatures
Assist with incident response efforts
Mentor junior analysts and run training sessions
Deloitte Advisory's Cyber Risk team helps complex organizations more confidently pursue their growth, innovation and performance agendas through proactive management of the associated cyber risks. Our professionals provide advisory and implementation services that integrate risk, regulatory, and technology skills to help clients transform their legacy programs into proactive Secure.Vigilant.Resilient. TM cyber risk programs. Join the team developing the future state of cyber risk solutions. Learn more about Deloitte Advisory s Cyber Risk Services practice. at http://www2.deloitte.com/us/en/pages/risk/solutions/cyber-risk-services.html
Category: Information Technology
As used in this document, Deloitte means Deloitte LLP and its subsidiaries. Please see www.deloitte.com/us/about for a detailed description of the legal structure of Deloitte LLP and its subsidiaries. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability or protected veteran status, or any other legally protected basis, in accordance with applicable law.