JOB DESCRIPTION
The Role
The Adient Global Information Security (GIS) team is undergoing a transformation and expansion as Adient increases its cybersecurity resources and capabilities in order to address the increasing cybersecurity threat landscape.
Hosted in Detroit, Michigan, the Information Security Operations Security Analyst is a position reporting to the Global Information Security Operations Manager, with responsibility for assisting in the development and implementation of standard operating procedures that support the prevention, detection and response of cyber security risks and threats. The global incident management program will provide the company with the ability to prevent, detect, and respond to cyber security incidents impacting the enterprise by ensuring they are properly identified, analyzed, communicated, actioned/defended, investigated and reported. The program will have responsibility over security monitoring and is responsible for global 24x7 incident response activities. The global security incident management program will also manage information resources during incident response activities to identify possible cyber-attack or intrusion events and determine whether there is a business impact.
Primary Responsibilities
• Take direction from the Manager, Global Security Operations, and interact with internal/external partners for escalations and incidents.
• Perform all procedures necessary to ensure the safety of information systems assets and to protect systems from intentional or inadvertent access or destruction.
• Assist with Computer Security Incident Response activities for a large organization; coordinate with other GIS team members and business units to record and report incidents.
• Monitor and analyze network traffic and security event data from within a Security Information and Event Management (SIEM) platform.
• Investigate and analyze intrusion attempts and perform in-depth analysis of exploits.
• Provide network intrusion detection expertise to support timely and effective decision making, in conjunction with partners, on when to declare an incident.
• Conduct proactive threat and compromise research and analysis.
• Provide resolutions regarding intrusion events, security incidents, and other threat indications and warning information to teams.
• Document all activities during an incident and provide leadership with status updates throughout the life cycle of the incident.
• Prepare incident reports of analysis methodology and results.
• Assist with the implementation of counter-measures or mitigating controls.
• Assist with the development of processes and procedures to improve incident response times, analysis of incidents, and overall SOC functions.
• Provide guidance and mentorship to the analyst team on investigative and response methodologies.
• Maintain current knowledge of relevant technology as assigned.
• Participate in special projects as required. The Security Analyst is responsible for carrying out all activities regarding SOC policies and SOC procedures.
Candidate Profile
The successful candidate will be a passionate information security professional with the ability to communicate with different business and IT leaders. The candidate will be able to execute the security incident response and information inventory management strategy defined by leaders. The candidate will demonstrate drive, intelligence, maturity, and energy, and will be a proven team leader and security strategist.
• A minimum of a bachelor's degree in computer analysis, computer security or a computer science discipline, or relevant work experience.
• 7-10 years of information security related experience leading teams in security operations, incident analysis, incident handling, and vulnerability management or testing, system patching, log analysis, intrusion detection, or firewall administration, network operations, analysis, or system administration on Linux or Windows.
• Solid understanding of basic computer science including: algorithms, encryption, databases, operating systems, networks, and tool development.
• Strong understanding of adversary motivations including cybercrime, cyber hacktivism, cyber war, cyber espionage, and the difference between cyber propaganda and cyber terrorism.
• Strong understanding of security operations concepts such as perimeter defense, BYOD management, data loss protection, insider threat, kill chain analysis, risk assessment and security metrics.
• Experience monitoring, detecting, and leading response efforts against advanced persistent threats.
• Experience with open source and commercial security management tools.
• Experience in the definition and implementation of strategic information security plans.
• Advanced event analysis leveraging SIEM tools (Splunk, QRadar, etc.).
• Advanced incident investigation and response skill set.
• Advanced log parsing and analysis skill set.
• Advanced knowledge of networking (TCP/IP, network layers).
• Advanced knowledge of the current threat landscape (threat actors, APT, cyber-crime).
• Experience generating and modifying network- and host-based Indicators of Compromise (IOC).
• Advanced knowledge of penetration techniques.
• Moderate to advanced knowledge of DDoS mitigation techniques.
• Moderate to advanced knowledge of IDS/IPS systems.
• Moderate to advanced knowledge of Windows and Unix or Linux.
• Moderate knowledge of firewall and proxy technology.
• Moderate knowledge of Data Loss Prevention programs and... For full info follow application link.
Adient is an equal employment opportunity and affirmative action employer, and all qualified applicants will receive consideration for employment without regard to race, color, religion, national origin, age, protected veteran status, status as a qualified individual with a disability, or any other characteristic protected by law. If you are an individual with a disability and you need an accommodation during the application process, please email talent-acquisition@adient.com.