Description
The Ld Cyber Defense Analyst will support one or more of the following areas, as follows:
Detection
Responsible for performing triage of security events that are escalated to the team. This role is considered a team lead position, and will act as the primary point of escalation for any technical issues within the team. Additionally, this position may include managing work of other team members.
Primary Responsibilities:
• Monitor and respond to events escalated through the Security Information and Event Management (SIEM).
• Document security events in Incident Tracking System.
• Provide support for Junior Analysts in validation and assessment of security events.
• Document and create of new event monitoring and triage processes.
• Involved in creating new detection measures and working with other CDT functions on proactive threat hunting engagements.
• Represents the Detection Team in projects/meetings that require Detection Subject Matter Expertise.
• Team Lead position that involves managing technical projects as well as people management of multiple direct reports.
Response
position is responsible for performing validation of escalated security events and performing incident response per established processes and procedures. This includes both performing technical analysis of security issues as well as handling documentation and project management aspects of incident response. The Responder will lead low, medium, and high severity incidents, as well as assist other analysts with incidents they are responding to. This positional so acts as a technical lead for the team, as well as a people manager of other incident responders.
Primary Responsibilities:
• Act as lead incident handler for all types of security incidents and assist with analysis of high severity incidents.
• Perform technical analysis of multiple sources of data, including network flows/packet data, host forensic artifacts, and application/system logs.
• Manage incident communications, including establishing/scheduling bridge lines and periodic incident update calls.
• Document incident tasks and updates in the incident management system.
• Assist with training and mentoring of junior incident responders.
Acts as a people manager of other Cyber Defense team members.
Forensic
Provides forensic collection and analysis services in support of HR and Legal matters, as well as on behalf of security incidents. In this role, the analyst will support evidence preservation, data collection, documentation, and structured analysis of forensic data. The lead analyst is also responsible for managing complex investigations and delegating tasks to other forensic analysts as needed.
Primary Responsibilities:
• Forensically collect and preserve evidence from end user systems, servers, network data repositories, and other log repositories as required.
• Create forensic images of RAM, Hard Disks, and unstructured log data.
• Complete required documentation during the collection of forensic data.
• Perform structured analysis of forensic artifacts.
• Test forensic tools for accuracy and identify useful artifacts that may not be supported by an existing tool.
• Develop tools to parse new artifacts, or to automate existing forensic processes.
• Assist with training and mentoring of junior forensic analysts.
• Maintain and develop standard operating procedures.
SKILLS & SOFTWARE REQUIREMENTS (ALL)
Personal Attributes:
• Strong customer-service orientation.
• Strong analytical and troubleshooting skills
• High level critical thinking skills.
• Excellent written and oral communication skills.
• Excellent listening and interpersonal skills.
• Ability to communicate ideas in both technical and user-friendly language.
• Ability to conduct research into network/security issues and products.
• Comfortable working in a dynamic environment with multiple goals.
• Highly self-motivated and directed, with keen attention to detail.
• Able to prioritize and execute tasks in a high-pressure environment.
• Experience working in a team-oriented, collaborative environment.
• Ability to deal diplomatically and effectively at all levels of the organization including both technical and non-technical, management and senior leadership
Professional Experience:
• 5 years of experience (typical) in Information Security.
• Successful candidates should be able to demonstrate a passion for information security through course work/degrees completed, self-study, and/or certifications that have been completed.
Formal Education & Certifications
• BA/BS in Engineering, Computer Science, Information Security, or Information Systems or related work experience
• CISSP, GSEC, GCIH, GCFE, GCIA, GMON, GCFA, GNFA (or related experience)
CME Group is committed to offering a competitive total rewards package for our employees that recognizes their contributions to the business and reflects our long-term investment in their future. The salary range for this role is $133,700-$222,900. Actual salary offered will be dependent on a wide array of factors including but not limited to: relevant experience, skills, education and comparison to internal employees (where relevant). Our compensation program also includes an annual target bonus opportunity for all employees, as well as the opportunity to become an owner in the company through our broad-based equity program. Through our Benefits program, we strive to offer flexibility, value and choice. From comprehensive health coverage, to a retirement package that includes both a 401(k) and an active Pension Plan, to highly competitive education reimbursement provisions, paid time off and a mental health benefit, CME Group offers a holistic Benefits package for our team and their dependents.
CME Group: Where Futures Are Made
CME Group ( is the world's leading derivatives marketplace. But who we are goes deeper than that. Here, you can impact markets worldwide. Transform industries. And build a career shaping tomorrow. We invest in your success and you own it, all while working alongside a team of leading experts who inspire you in ways big and small. Problem solvers, difference makers, trailblazers. Those are our people. And we're looking for more.
At CME Group, we embrace our employees' diverse experiences, cultures and skills, and work to ensure that everyone's perspectives are acknowledged and valued. As an equal opportunity employer, we recognize the importance of a diverse and inclusive workplace and consider all potential employees without regard to any protected characteristic.