While employed at Selective Insurance, an established Fortune 700 company, I was quickly promoted to a senior cybersecurity analyst. Not only was I able to learn vastly from the team there, but I was able to contribute to the company by:
- Acts as a subject matter expert to the enterprise and a mentor to other IT security staff. Independently initiates work as needed to meet cyber defensive needs, and exercises significant levels of accountability and ownership of security issues. Performs assessments, and incident response/threat intelligence consultation on security topics to enterprise projects and technology acquisitions, in support of Manager, IT Cyber Defense.
- Responsible for taking a lead expert role in false positive detection, event correlation, identifying indicators of threat activity, and executing actionable recommendations. Possesses an expert level of expertise in making recommendations that enable expeditious remediation. Independently identifies, assesses, and recommends cyber defense software, processes, and services to Manager, IT Cyber Defense based on business plans and security gaps, as appropriate. Able to translate high level designs, recommendations, and industry trends into effective solutions, and leads the execution of these solutions.
- During incident response events, works with ITS Cyber Defense Manager to perform event triage, scoping, criticality and impact. Performs defensive actions such as incident handling, forensic analysis and chain of custody documentation in support of incident response. Possesses an expert level of knowledge in intrusion detection methodologies and techniques for detecting host and network-based intrusions and is considered an expert in protecting a network against malware (e.g., NIPS, anti-malware, restrict/prevent external devices, spam filters).
- Recognizes and identifies potential areas where existing data security policies, procedures, and controls require change, or where new ones need to be developed, especially regarding future business expansion. Maintains an awareness of industry trends and emerging risks, and proposes relevant company response.
- Identifies, initiates, and manages contact with vendors regarding new cyber defensive technologies, security system updates, and technical support of security products.
- Acts as a third-level support to manage critical issues that may affect clients, including determining short-term solutions. Completes status and statistical reports in assigned area as required while recommending long term solutions.
- Leads the development and execution of a remediation strategy for routine and potential areas where existing cyber defensive policies and procedures may require change, or where new ones need to be developed. Takes a leadership role in supporting the ITS Cyber Defense Manager in partnering with legal and audit departments to ensure compliance with policy and regulatory requirements.
- Leads analysts in maintaining and enhancing vulnerability management procedures. Plans, manages, and executes upgrades to existing systems and communicates and coordinates change with impacted departments, directly or through delegation.
- Under direction of management and counsel, plays a leading role in the incident response process, and contributes to recovery activities.
- Participates in the Cyber Defense Center on call rotation. Coaches Developers, Technicians, Architects, and Managers as a thought leader in the development and enforcement of Enterprise Architecture and Security standards.