Cyber Threat/Incident Analyst (Associate/Sr./Engineer/Sr. Engineer)

Company

Federal Reserve Bank of Atlanta

As an employee of the Atlanta Fed, you will help support our mission of promoting the stability and efficiency of the U.S.

economy and financial system.

Your work will affect the economy of the Southeast, the United States, and the world.

The work we do here is important, and how we do it is just as important as what we do.

We live our values of integrity, excellence, and respect every day.

We do the right thing, we do things right, and we treat people right.

A career at the Federal Reserve Bank of Atlanta gives you the chance to do work that touches lives and helps communities prosper.

We are a dynamic hybrid workplace environment that requires at least 2 days a week in the office.

Position Summary:

The Threat and Vulnerability Management team provides vulnerability management and incident response services for the 6th Federal Reserve District.

Under direct supervision from management and other team members, the TVM Analyst uses existing processes and procedures to solve routine or standard problems required to protect the organization’s information assets.

Participates in one functional area defined below as primary responsibility and assists in other areas as requested.

Works with critical and sensitive information daily and is relied upon to maintain intended security safeguards.

Key Responsibilities:

Participates in one functional area defined below as primary responsibility and assists in other areas as requested.


* Foundational Skills:
+ Limited prior knowledge and experience with:
o The MITRE ATT&CK framework.
o Digital Forensics and Incident Response (DFIR).
o Common cyber-attacks, malware, and the risk they pose.
o Security Information Event Manager (SIEM) technology: searches, log analysis, and creation of alerts/alarms.
o Typical enterprise networking architecture, protocols, and packet analysis.
o Current trends in malware, cyber-attacks, and OS/application vulnerabilities.
o Web application vulnerabilities, such as injection, configuration, information leakage, and typical threats, attacks, and countermeasures.
o Dynamic web application vulnerability assessment scanners: configuration, scanning, and interpreting/triaging test results.
o Enterprise network vulnerability scanning applications, including use and administration.
o Communicating with stakeholders regarding cyber topics, can drive results to reduce risk in the environment.
o Threat hunting methodologies and frameworks.
o Cloud service provider technologies and security.


* Function Areas:
+ Flaw Remediation
o Applies patches, configurations, group policy objects, or other remediation activities to workstations and other endpoints using a variety of toolsets.
o Reviews reports and conduc...