The Senior IT Security Analyst is responsible for managing activities relating to monitoring and responding to security events. The analyst is responsible for monitoring application, host, and network threats, including external threat actors and rogue insiders. As a trusted member of the Information Security team and industry community, the analyst works closely with internal technical teams, business units, and external entities aligned with the business, including private intelligence-sharing groups, law enforcement, and government agencies.
The analyst is responsible for conducting in-depth research, documenting threats, understanding the risk to the business, and sharing information with those who need to know. Analysts are expected to continually adapt to stay a step ahead of cyber attackers and stay up to date on the latest methods attackers use to infiltrate computer systems. Analysts in this role are expected to consistently learn and grow. This is not a passive career opportunity, but rather one that requires a passion for security and rigor to protect the business.
WHAT YOU'LL BRING
Proficient with SIEM, intrusion detection and prevention systems (IDS/IPS), threat intelligence platforms, and security orchestration, automation, and response (SOAR) solutions to centralize and manage the incident and remediation workflow.
Ability to analyze incident logs, attack vectors, and understand vulnerabilities and exploits.
Experience in incident handling and investigation including using formal chain-of-custody methods, forensic tools, and best practices.
Applicable knowledge of adversary tactics, techniques, and procedures (TTPs), MITRE ATT&CK framework, and CVSS.
Capable of scripting in Python, Bash, Perl, RegEx, or PowerShell.
Knowledge of one or more cybersecurity frameworks: Center for Internet Security (CIS), National Institute of Standards (NIST) or International Standards Organization (ISO).
Experience in conducting risk assessments that protect the business and adhere to compliance and privacy laws.
Knowledge of one or more compliance standards, including Payment Card Industry (PCI), Gramm-Leach-Bliley Act (GLBA).
Familiarity with cloud architectures, standards, and practices.
Proven trustworthiness and history of acting with integrity, taking pride in work, seeking to excel, being curious and adaptable, and communicating effectively with cross-functional teams.
Self-starter requiring minimal supervision.
Excellence in communicating business risk and remediation requirements from assessments.
Analytical and problem-solving mindset.
Highly organized and efficient.
Demonstrated strategic and tactical thinking.
Stays current with the evolving threat landscape.
Regularly research and identify emerging threats and TTPs in public and closed forums, and work with colleagues to assess risk and implement/validate controls as necessary.
Assist with Security Operations activities, including, but not limited to, triaging alarms/alerts and performing technical security assessments.
Plan and execute regular incident response and postmortem exercises, with a focus on creating measurable benchmarks to show progress (or deficiencies requiring additional attention).
Automate repetitive tasks and drive efficiencies so analysts can work on more advanced tasks.
Develop metrics and scorecards to measure risk to the organization, as well as effectiveness and efficiency of SOC associates.
Partner closely with internal teams to improve tool usage and workflow, as well as mature monitoring and response capabilities.
Provide support to business units launching new applications or infrastructure to verify that new products/offerings are not at risk of misconfiguration, compromise, or information leakage.
Cross-train on other core security platforms (e.g., TVM administration, EDR, Web Security).
Perform other duties as assigned.
WHY IT MATTERS
With organizations constantly under attack, your role is essential to ensuring that Busey can quickly identify, respond to, and recover from security events that may occur. The organization looks to Information Security to be knowledgeable about attacker TTPs and to leverage that knowledge to ensure that the organization has appropriate controls to mitigate risk, with monitoring and alerting in place to detect events where security controls have failed.
Information Security supports our business and ensures that we are taking on appropriate levels of risk. That can only be accomplished through maintaining working relationships across Busey business units and IT departments, evangelizing security, and ensuring that effective collaboration is occurring, leading to Information Security's desired outcomes.
EDUCATION & TRAINING
(Preferred) Bachelor's degree in computer science, information assurance, MIS or related field, or equivalent.
On-the-job training in relevant roles relating to information security, threat and vulnerability management, system administration, or equivalent.
Preferably, one of the following: Security+, CySA+, CRISC, CCRMP, or CISA; or willingness to pursue a certification or re-certification within the first six months of hire.
At least 3-5 years' experience in information security administration, vulnerability management, security operations, or system administration.
Busey believes that diversity and inclusion among our teammates is critical to our success as a company, and we seek to recruit, develop and retain the most talented people from a diverse candidate pool.
Equal Opportunity Employment is a priority for Busey and all qualified applicants will receive consideration regardless of race, color, religion, national origin, genetic information, sex (including pregnancy), age, sexual orientation, gender (including gender identity and expression), marital status, military status, veteran status, citizenship status, disability, order of protection or any other characteristic protected by applicable law or other non-merit-based factors.
As of June 30, 2019, First Busey Corporation (Nasdaq: BUSE) was a $9.61 billion financial holding company headquartered in Champaign, Illinois.
Busey Bank, a wholly-owned bank subsidiary with total assets of $7.66 billion as of June 30, 2019, is headquartered in Champaign, Illinois and has 44 banking centers serving Illinois, 13 banking centers in the St. Louis, Missouri metropolitan area, five banking centers serving southwest Florida and a banking center in Indianapolis, Indiana. Through the Busey Wealth Management division, the Company provides asset management, investment and fiduciary services to individuals, businesses and foundations. As of June 30, 2019, assets under care were approximately $7.47 billion. Busey Bank owns a retail payment processing subsidiary, FirsTech, Inc., which processes approximately 28 million transactions per year using online bill payment, lockbox processing and walk-in payments at its 4,000 agent locations in 43 states. More information about FirsTech, Inc. can be found at firstechpayments.com.
Busey Bank was named among Forbes' 2019 Best-In-State Banks—one of five in Illinois and 173 from across the country, equivalent to 2.8% of all banks. ...Best-In-State Banks are awarded for exceptional customer experiences as determined by a survey sample of 25,000+ banking customers who rated banks on trust, terms and conditions, branch services, digital services and financial advice.
TheBANK of Edwardsville, a wholly-owned bank subsidiary of the Company with total assets of $1.95 billion as of June 30, 2019, is headquartered in Edwardsville, Illinois and has 19 banking centers. Through TheBANK of Edwardsville Wealth Management division, the Company provides asset management, investment and fiduciary services to individuals, businesses and foundations. As of June 30, 2019, assets under care were approximately $1.50 billion.
For more information about us, visit busey.com and 4thebank.com.