Cyber Security Analyst

Overview

Thank you for your interest in a career  Regions, we believe associates deserve more than just a job. We believe in offering performance-driven individuals a place where they can build a career — a place to expect more opportunities. If you are focused on results, dedicated to quality, strength and integrity, and possess the drive to succeed, then we are your employer of choice.

Regions is dedicated to taking appropriate steps to safeguard and protect private and personally identifiable information you submit. The information that you submit will be collected and reviewed by associates, consultants, and vendors of Regions in order to evaluate your qualifications and experience for job opportunities and will not be used for marketing purposes, sold, or shared outside of Regions unless required by law.

Such information will be stored in accordance with regulatory requirements and in conjunction with Regions’ Retention Schedule for a minimum of three years. You may review, modify, or update your information by visiting and logging into the careers section of the system.

At Regions, the Cyber Security Analyst is responsible for analyzing, identifying, and documenting cybersecurity information and risks. This role will require a proactive individual with an understanding of or willingness to learn core technology and cybersecurity principles along with industry best practices to investigate, remediate and/or escalate for further evaluation.

• Analyze and respond to cyber threats within various security tools according to documented procedures.
• Collaborates with various stakeholders within Cyber Security/Technology departments and standard owners to properly document and communicate security risks
• Proactively supports a feedback loop related to information and events in order to identify and support the remediation of improving precision and accuracy of analysis.
• Review and understand Policies, Standards, and Procedures for improved process flows.
• Supports threat hunting, participate in tabletop exercises, and assist in Incident Response on a rotational job-duty basis as needed
• Maintains meticulous records of all work performed, including root cause analysis, indicators of compromise, remediation steps, timeline of events, and impact assessment using clear and concise annotations as needed
• Stays abreast of global cybersecurity threat trends
• Supports and collaborates with various cybersecurity teams to document security posture and assess environment for relevant IOCs and gaps
• Participates in and ensures proper documentation of various security assessments (i.e. Security Architecture Reviews, Red Team assessments, Purple Team engagements, and formal tabletop exercises) as needed
• Assists with analyzing software for violations in Regions Cyber Security standards as needed

This position is exempt from timekeeping requirements under the Fair Labor Standards Act and is not eligible for overtime pay.

• High School Diploma or GED and two (2) years of related post-secondary education and/or experience in Information Security or Information Technology
• Willingness to become familiar with regulatory requirements and industry standards such as the Gram Leach Bliley Act (GLBA), Payment Card Industry Data Security Standard (PCI-DSS), National Institute of Standards and Technology (NIST), etc.
• Willingness and availability to work on a pre-determined shift and rotational on call

• Knowledge of or willingness to learn Cloud Security concepts including Amazon Web Services (AWS), Azure, and Google Cloud Platform (GCP)
• Minimum of one (1) relevant certification in Information Security or the ability to obtain relevant certification within twelve months of start date in this position, such as CompTIA Network+/Security+/CySA+, EC-Council Certified Ethical Hacker (CEH), Cisco CCNA/CCNA-Security, GIAC GSEC, or CDSA

• Ability to be a self-starter with initiative and drive for continuous improvement
• Ability to be a team-oriented individual who works well with others and places a premium on the group’s success
• Excellent writing and verbal communication skills
• Familiarity with concepts related to security disciplines such as: malware analysis, computer forensics, cyber incident response, network intrusion detection, network traffic and packet analysis, penetration testing, vulnerability scanning, compliance, audit, or cyber threat intelligence
• Investigative and problem-solving skills
• Strong organizational, research, analytical and problem-solving skills to evaluate situations and respond appropriately
• Understanding of information security principles, controls, and technologies

• Demonstrated working knowledge of enterprise security tools, including Security Information and Event Management (SIEM) platforms, endpoint protection solutions, and email security technologies, with the ability to analyze alerts, identify threats, and support incident response…