Information Security Analyst, Event Analyst - CSIRT

Brooklyn Park, Minnesota, United States
Aug 24, 2016
Jan 15, 2017
Business, Other
Employment Status
Full Time
JOIN US AS AN INFORMATION SECURITY ANALYST, EVENT ANALYST - CSIRT, CYBER SECURITYSimilar Industry Titles and Key Words: cyber security, intrusion, event analyst, fusion center, incidentsSUMMARYThe Event Analyst position is responsible for detecting and assessing cyber security events and incidents across the Target environment. The Event Analyst works among a team of skilled analysts to address complex or difficult problems as needed within a 24x7 Cyber Fusion Center (CFC) environment. The Event Analyst also is responsible for implementing new processes and procedures as identified by the CSIRT and the CFC Leadership to ensure for continuous improvements to monitor, detect and mitigation capabilities.KEY RESPONSIBILITIES
  • Monitors SIEM and logging environments for security events and alerts to potential (or active) threats, intrusions, and/or compromises
  • Responsible for understanding the global threat landscape through working with Target Cyber Threat Intel team to maintain awareness
  • Assists with triage of service requests from customers and internal teams
  • Escalates cyber security events according to Target's Cyber Security Incident Response Plan
  • Assists with containment of threats and remediation of environment during or after an incident
  • Acts as a participant during Cyber Hunt activities at the direction of one or more Target Incident Handlers
  • Documents event analysis and writes comprehensive reports of incident investigations
  • BS in Computer Science, Computer Engineering, Math, Information Security or a related field. 
  • 2 or more years of experience in a Security Operations Centers or Cyber Security Incident Response Teams in lieu of education requirement.
  • Ability to demonstrate analytical expertise, close attention to detail, excellent critical thinking, logic, and adaptive learning
  • Excellent written and oral communication skills
  • Thorough understanding of fundamental security and network concepts (Operating systems, intrusion/detection, TCP/IP, ports, etc.)
  • Willing to work in a team-oriented 24/7 SOC environment; flexibility to work on a rotating schedule (including occasional shift work)
  • Security certifications (e.g. Security+, GCIA, GCIH, CISSP, CEH, etc.)
  • Experience with ArcSight/Splunk/FireEye or other security products desired
  • Experience managing cases with enterprise SIEM or Incident Management systems
  • Experience supporting network investigations.
  • Experience with network monitoring in a SOC environment desired
BenefitsEligible team members will receive one of the best earnings packages anywhere, including competitive pay, all-around insurance coverage, 401(k), flexible scheduling, training and development and many other perks and benefits. Target is an Equal Employment Opportunity Employer and is a drug-free workplace.About Target®Expect the Best. At Target, we have a vision: to become the best - the best culture and brand, the best place for growth and the company with the best reputation. We offer an inclusive, collaborative and energetic work environment that rewards those who perform. We deliver engaging, innovative and on-trend experiences for our team members and our guests. We invest in our team members' futures by developing leaders and providing a breadth of opportunities for professional development. It takes the best to become the best, and we are committed to building a team that does the right thing for our guests, shareholders, team members and communities.Minneapolis-based Target Corporation serves guests at stores nationwide and at Target is committed to providing a fun and convenient shopping experience with access to unique and highly differentiated products at affordable prices. Since 1946, the corporation has given 5 percent of its income through community grants and programs like Take Charge of Education®.