Cyber Incident Response Analyst, 3rd Shift

Description This employer will not sponsor applicants for the following work visas: F-1 student, H-1B worker, O-1 worker, TN worker, E-3 worker. Summary: The Cybersecurity Incident Response Analyst reviews security events to identify and prioritize potential threats and identify trends utilizing various tools and technologies. Analyze available data sources, security tools, and threat trends to identify attacks against the enterprise. Perform incident response, issue resolution, assessment, and communication of security risks to the enterprise. The Cybersecurity Incident Response Analyst recommends and implements defensive measures derived from information collected from a variety of sources. You will work closely with other teams within Cybersecurity and with IT Operations. Duties & Responsibilities: Participate in the day-to-day security operations monitoring and response from the Cybersecurity Operations Center. Perform malware analysis, reverse engineering, and de-obfuscation techniques Evaluate, respond, and mitigate alerts that originate from the SIEM and the Cybersecurity product suite, e.g. NGFWs, IDS/IPS, Anti-virus, Web Application Firewalls, NAC Solution, etc. Implement or recommend mitigations including the creation and development of new alerts and rules within the various cyber security tools. Be able to analyze and identify malicious activity during the various attack stages. Maintain a high level of technical expertise on Cyber Security defense-in-depth technology and best practices by performing ongoing research and engagement to maintain awareness of industry trends, best practices. Collaborate with the Cyber Security Engineering and IT Operations teams. Performs other duties as assigned. Basic Qualifications: Bachelor’s degree 3 years of experience in Cybersecurity Preferred Qualifications: Familiar with common attack vectors, DDoS attacks, Phishing, web & application attacks, and malware Knowledge of common critical network protocols and layer 7 technologies such as SMTP, HTTP, HTTP/S, SSL/TLS, DNS, FTP, SSH, and others Familiar with a SIEM platform and various cyber security technologies such as EDR, AV, IDS/IPS, and WAFs Familiarity with advanced persistent threats and their tactics, techniques, and procedures Familiarity with the incident response Kill Chain Fundamental understanding of Windows, Mac OSX, and Linux operating systems Fundamental understanding of OSI model, basic networking and troubleshooting concepts Experience with programming or scripting, including PowerShell, Bash, Python, Yara, and Perl Intermediate knowledge of incident response frameworks and handling procedures Understanding and knowledge of various log formats from a variety of network and computer devices Knowledge of Cyber risks and threats related to Cyber attackers Knowledge of recent Cyber events and interpreting kill chain process and threat impacts Presentation, analytical, and critical-thinking skills Occasional travel may be required (<10%) Ability to work nights (3rd Shift) -2 nights in the office /2 nights remote #LI-SG1 #LI-BM1 Exempt Status: (Yes = not eligible for overtime pay) (No = eligible for overtime pay) Yes Workplace Type: Office Our Approach to Office Workplace Type Certain positions outside our branch network may be eligible for a flexible work arrangement. We’re combining the best of both worlds: in-office and work from home. Our approach enables our teams to deepen connections, maintain a strong community, and do their best work. Remote roles will also have the opportunity to come together in our offices for moments that matter. Specific work arrangements will be provided by the hiring team. Huntington will not sponsor applicants for this position for immigration benefits, including but not limited to assisting with obtaining work permission for F-1 students, H-1B professionals, O-1 workers, TN workers, E-3 workers, among other immigration statuses. Applicants must be currently authorized to work in the United States on a full-time basis. Huntington is an Equal Opportunity Employer. Tobacco-Free Hiring Practice: Visit Huntington's Career Web Site for more details. Note to Agency Recruiters: Huntington will not pay a fee for any placement resulting from the receipt of an unsolicited resume. All unsolicited resumes sent to any Huntington colleagues, directly or indirectly, will be considered Huntington property. Recruiting agencies must have a valid, written and fully executed Master Service Agreement and Statement of Work for consideration. Welcome to Huntington! At Huntington, we look out for people. From reinventing banking with game-changing innovations to building an internal culture that creates lifelong bonds, together, we can make people’s lives better. And amazing things happen when we look out for each other. We prove it every day. Whether it’s helping a colleague or collaborating on a new tool that will revolutionize the way people save money, our actions can have a huge impact. Our colleagues look out for people with a Can-Do Attitude, Service Heart and Forward Thinking. Those are our values—simple but powerful. Each of them pushes us do the right thing, to do right by people. Because people are what matter. If that sounds like you, we hope you’ll apply to join our team. If you’d like to learn more about how Huntington looks out for people, visit We endeavor to make this site accessible to any and all users. If you would like to contact us regarding the accessibility of this site or if you require a reasonable accommodation to apply for a job or to perform the essential functions of the job, please send an email to [email protected] Reasonable Accommodations Reasonable Accommodations EEOC Disclaimer Know Your Rights CA Data Privacy CA Data Privacy Rights Tobacco Disclaimer Tobacco-Free Hiring Practice Note to Agency Recruiters: Huntington will not pay a fee for any placement resulting from the receipt of an unsolicited resume. All unsolicited resumes sent to any Huntington colleagues, directly or indirectly, will be considered Huntington property. Recruiting agencies must have a valid, written and fully executed Master Service Agreement and Statement of Work for consideration. Apply tot his job Apply tot his job