Cyber Security Analyst

JOB DESCRIPTION

Summary

The Adient Global Information Security (GIS) team is undergoing a transformation and expansion as Adient increases its cybersecurity resources and capabilities in order to address the increasing cybersecurity threat landscape.

Hosted in Detroit, Michigan, (though a remote role) the Cyber Security Analyst is a position reporting into the Senior IT Manager, with responsibilities including: assisting in development and implementation of standard operating procedures which support prevention; detection and response of cyber security risks and threats. The global incident management program will provide the company with the ability to complicate, detect, and respond to Cyber Security incidents impacting the enterprise by ensuring they are properly identified, analyzed, communicated, actioned/defended, investigated and reported. The program will have responsibility over security monitoring and is responsible for global 24x7 incident response activities. The global security incident management program will also manage information resources during incident response activities to identify possible cyber-attack or intrusion events, and determine if it is a business impact.

Primary Responsibilities

• Performs all procedures necessary to ensure the safety of information systems assets and to protect systems from intentional or inadvertent access or destruction.
• Perform ticket administration to monitor and analyze priority and status of Information Security tickets to ensure for accuracy and timely resolution.
• Assist with Computer Security Incident Response activities for a large organization, coordinates with other GIS team and business units to record and report incidents.
• Perform follow-up, as necessary to assist with Intrusion Detection Systems (IDS) monitoring and analysis to identify security issues for remediation. Support efforts to recognize intrusion attempts and perform thorough reviews and analyses of relevant event detail and summary information.
• Communicates alerts to cross functional teams regarding intrusions and compromises to the network infrastructure, applications and operating systems. Assists with implementation of counter-measures or mitigating controls. Prepares incident reports of analysis methodology and results. Maintains current knowledge of relevant technology as assigned.
• Participates in special projects as required. SOC Security Analyst III is responsible for carrying out all activities regarding SOC policies and SOC procedures.

Qualifications

The successful candidate will: have the ability to communicate to different business and IT leaders; be able to execute the security incident response and Information inventory management strategy defined by leaders; demonstrate drive, intelligence, maturity, and energy, and will be a proven change leader. SOC Security Analysts will also perform analysis of log files including forensic analysis of system resource access.

• A minimum bachelor degree in computer Analyzing, computer security, computer science discipline, or relevant work experience.
• 3-5 years of information security related experience, in areas such as: security operations, incident analysis, incident handling, and vulnerability management or testing, system patching, log analysis, intrusion detection, or firewall administration, network operations, Analyzing, system administration on Linux, or Window
• Solid understanding of basic computer science including: algorithms, encryption, databases, operating systems, networks, and tool development
• Strong understanding of adversary motivations including cybercrime, cyber hacktivism, cyber war, cyber espionage and the difference between cyber propaganda and cyber terrorism.
• Strong understanding of security operations concepts such as perimeter defense, BYOD management, data loss protection, insider threat, kill chain analysis, risk assessment and security metrics.
• Team member with good communication skills and the ability to communicate to technical and non-technical audiences at different seniority levels
• Ability to create and maintain good business relationships with counter parts, customers and external entities to achieve the security incident management goals
• Ability to maintain a high level of discretion and personal integrity in the exercise of duties, including the ability to professionally address confidential matters
• Experience with open source and commercial security management tools
• Experience in the definition and implementation of strategic information security plans
• Advanced event analysis leveraging SIEM tools
• Advanced incident investigation and response skill set
• Advanced log parsing and analysis skill set
• Advanced knowledge of networking (TCP/IP, network layers,)
• Advanced knowledge of current threat landscape (threat actors, APT, cyber-crime)
• Experience monitoring, detecting, and leading response efforts of advanced persistent threats.
• Advanced Knowledge of digital forensics and static malware analysis techniques.
• Experience generating and modifying network and host based Indicators of Compromise (IOC)
• Advanced knowledge of penetration techniques
• Moderate to Advanced knowledge of DDoS mitigation techniques
• Moderate to Advanced knowledge or IDS/IPS systems
• Moderate to Advanced knowledge of Windows and Unix or Linux
• Moderate knowledge of Firewall and Proxy technology
• Moderate knowledge of Data Loss Prevention programs and administration
• Moderate experience with scripting
• Moderate knowledge of forensic techniques
• Moderate to Advanced protocol analysis experience
• Moderate knowledge of regulatory compliance requirements (PCI-DSS, HIPAA, FISMA, SOX)
• Moderate knowledge in National Institute of Standards and Technology (NIST) as they apply to FISMA
• Experienced in mentoring and training junior analysts

Desired Certifications (but not required):

• Certified Information Systems Security Professional (CISSP)
• Certified Information Security Manager (CISM)
• Certified Information Systems Auditor (CISA)
• GIAC Certified Incident Handler (GCIH)
• GIAC Certified Intrusion Analyst (GIAC)
• GIAC Certified Forensic Examiner (GCFE)
• GIAC Certified Forensic Analyst (GCFA)
• GIAC Certified GIAC Reverse Analysting Malware (GREM)
• Certified Ethical Hacker (CEH)
• Offensive Security Certified Professional (OSCP)
• Cisco Certified Network Professional Security (CCNP Security)
• Cisco Certified Network Professional (CCNP)
• Server Platform Certifications (Microsoft, Linux)
• Forensics Examiner Certification (EnCE, FTK)

Adient

Adient (NYSE:ADNT) is a global leader in automotive seating. With 75,000 employees operating in 230 manufacturing/assembly plants in 33 countries worldwide, we produce and deliver automotive seating for all vehicle classes and all major OEMs. From complete seating systems to individual components, our expertise spans every step of the automotive seat-making process. Our integrated, in-house skills allow us to take our products from research and design all the way to engineering and manufacturing - and into more than 25 million cars every year. To learn more, please visit adient.com.

PRIMARY LOCATION

Central Tech Unit Plymouth MI