Sr. Cyber Security Analyst: Offensive Side (Remote)

With a focus on Mobility, Operational Excellence, Value to our Customers and the Electrification of vehicles, you can expect to be part of something exciting. From the sleek design of our vehicles to the unique opportunities we offer around the globe, Nissan exemplifies ingenuity in everything we do. Our people are what drive the business forward.

We're currently looking for a Sr. Cyber Security Analyst: Offensive Side (Remote) join our InfoSec Offensive team in Franklin, TN. The Sr. Cyber Security Engineer is an advanced and highly trusted role supporting the enterprise cybersecurity program. Additionally, serves across all areas of threat intelligence to help inform and defend the business, and protect brand reputation. The analyst monitors application, host and network threats, including external threat actors and rogue insiders. The analyst understand that systems and applications may have weaknesses that can be exploited by external threat actors and potentially lead to a breach. Given that vulnerability management and risk exposure extend across all technical systems enterprise-wide, responsibilities of this position include identifying assets and vulnerabilities, reporting, remediation and continuous assessment.

As a trusted member of the cybersecurity team and industry community, the analyst works closely with internal technical teams, business units and external entities aligned with the business, including private intelligence-sharing groups, law enforcement, government agencies and public affiliation peers.

The Sr. Cyber Security Analyst is responsible for conducting in-depth research, documenting threats, understanding the risk to the business, and sharing information with those who need to know. Among the research conducted, the analyst will seek to uncover patterns and trends and be forward-thinking as to how threats may evolve. Furthermore, the analyst will participate in simulation exercises designed to uncover weaknesses related to threats, with the goal of implementing defensive solutions prior to attacks and disrupting attacks in progress. The analyst will also distill threat intelligence so technical and non-technical contacts can understand it and make educated decisions about next-step actions. The Cyber Security Analyst works in tandem with Manager and Sr. Manager to elevate the company's security posture.

Job functions Include but are not limited to:

• Research current and emerging threats facing the business and industry sector.
• Track threat actor infrastructure and associated malware families.
• Centralize multiple threat sources (premium, industry-shared, open-source, dark web), correlate indicators and threats, and distill actionable intelligence.
• Actively hunt for exposures and identify incidents warranting action to disrupt and remediate threats.
• Use and assign indicator severity and impact ratings to determine appropriate plans of action.
• Serve as a trusted advisor to establish credibility with business unit leadership and technical teams.
• Share relevant information with stakeholders and make recommendations for next steps when facing threats.
• Actively participate in threat hunting tabletop exercises to hone and strengthen skills across the team.
• Evaluate and implement deception techniques designed to thwart adversaries.
• Work closely with security leadership to instill cybersecurity policies and practices throughout business units to address security operations, incident response, application security and infrastructure.
• Actively inform and engage in security projects across the business to disrupt active or potential threats.
• Be readily available to participate in collaborative threat analysis meetings with internal and external trusted entities.
• Maintain an up-to-date level of knowledge related to security threats, vulnerabilities and mitigations to reduce attack surface, and circulate it through business units.
• Knowledge of multiple computing platforms, including Windows, OSX, Linux, Unix, networks and endpoints.
• Experience with vulnerability and penetration testing engagements.
• Openly support the CISO, management team and executive leadership, even during tumultuous times.
• Perform other duties as assigned.

Qualifications:

• Experience:
  • At least 5-7 years of cybersecurity experience (or information technology coupled with cybersecurity), with at least 3-5 years in an intelligence or incident response security practitioner role.
  • Applicable knowledge of adversary tactics, techniques and procedures (TTPs), MITRE ATT&ACK framework, CVSS, open source intelligence (OSINT) and deception techniques.
  • Demonstrated ability to investigate, handle and track incidents.
  • Proficient in SIEM, intrusion detection and prevention systems (IDS/IPS), threat intelligence platforms and security orchestration, automation and response (SOAR) solutions to centralize and manage incident and remediation workflow.
  • Ability to analyze incident logs, assess malware, and understand vulnerabilities and exploits, along with strong operating systems knowledge.
  • Experience in incident handling, vulnerability management, hacking tools, intelligence gathering and kill chain methodology.
  • Proven threat hunting experience and ability to track adversaries.
  • Demonstrated experience conducting adversary emulation.
  • Capable of working with diverse teams and promoting an enterprise-wide positive security culture.
  • Ability to maintain a high level of integrity, trustworthiness and confidence, with the highest level of professionalism.
  • Proficient with Python, PowerShell and Bash.
  • Ability to preserve credibility with the team and external constituents through sustained industry knowledge.
  • Demonstrated understanding and comprehension of a wide range of network and host cybersecurity solutions.
• Education
  • Bachelor's degree in a related discipline. Security certifications.
• Professional security certifications preferred
  • Has one or more of security certifications including SANS, CISSP, CISM, AWS & Azure.
• Frameworks
  • Working knowledge of the GLBA, NIST (NIST CSF) and CIS cloud security frameworks.
• Collaboration
  • Demonstrated experience with collaborating in a highly matrixed environment which involves multiple internal and external stakeholders to gather data that enables prioritization and delivery of results.

Welcome to an open lane of possibility. Drive your career forward and join the company leading the technology and business evolution of the automotive industry by applying today.

Nissan is committed to a drug-free workplace. All employment is contingent upon successful completion of a drug screen for roles based in the United States and background screening for all positions.

All of us at Nissan - regardless of functional area or expertise - share a passion to design, manufacture, and sell high-performance vehicles. It is Nissan's policy to provide Equal Employment Opportunity (EEO) to all persons regardless of race, gender, military status, disability, or any other status protected by law. Candidates for this position must be legally authorized to work in the United States and will be required to provide proof of employment eligibility at the time of hire; Nissan uses E-Verify to validate employment eligibility. **Visa sponsorship for this position is not available at this time. **

Salary Range Estimate: Annual Salary: ($84,433 to $173,070). This compensation range represents the minimum and maximum base salary rates at Nissan for jobs assigned to this particular grade level. Please note that it is uncommon for an employee to be placed at either end of the range. Rather, an employee's actual base salary generally may fall somewhere in between and reflect the employee's unique skills, work experience, education, work location, and market norms. Additionally, pay may be based on comparisons to the base salary rates of other employees with similar backgrounds working in comparable roles.

NISSAN FOR EVERYONE

People are our most valuable assets, and diversity and inclusion are the key to maximizing the power of each individual member of our team. When everyone belongs, the power of NISSAN is undeniable. Our Corporate Diversity Initiative aims to improve business results by ensuring that our workplace and core businesses meet the unique needs of our employees and customer base.

Nissan is committed to creating a culture where everyone belongs and employees, customers, and partners feel respected, valued, and heard. We have over 10 Business Synergy Teams (BSTs) across the U.S. and Canada that connect employees - with shared characteristics or interests - build allies, and foster a company culture where all employees feel supported and included.

Nissan also values inclusion in all areas of our business as we strive to mirror the diversity of our customer base and the communities where we do business. We are committed to procuring innovative goods and services, retailing our products and communicating from a diverse perspective which will help us continue to offer our customers competitively designed, market-driven products.

Join us as we carry our commitment to diversity and inclusion into the future.

Franklin Tennessee United States of America