Sr Cyber Defense Ops Spec

<p><strong>Description</strong></p>

As the Sr Cyber Defense Ops Specialist, you are a senior individual contributor in the Cyber Defense Threat Detection (CDTD) Cyber Defense Operations Center (CDOC), responsible for performing security monitoring, intrusion analysis, incident handling, data loss prevention, privileged user monitoring, training of analysts, security incident management, malware detection/eradication, and recognizing hacker/incident response tactics, techniques, and procedures. You will have responsibility for one or more of the security systems aligned with their specific function, either directly or indirectly; and will be a technical authority for critical operational decisions having significant impact to the organization with authority extending beyond the team to include both technology and business line areas in security related decisions. This role requires you to stay current with security technology, the threat landscape, and emerging threats. You will also act as a subject matter expert in their specific disciplines and will provide management with recommendations and guidance as needed.

Primary responsibilities include

• Performing ongoing monitoring and threat analysis, analyzing logs, NetFlow data, and packet capture.
• Identifying potential IT security incidents and escalating information to appropriate IR senior staff.
• Assessing threat and vulnerability information from all sources (both internal and external) and promptly applying applicable mitigation techniques.
• Developing meaningful metrics to reflect the true posture of the environment allowing the organization to make educated decisions based on risk.
• Using information from cyber security tools and processes, assessing potential security and business impacts while communicating recommendations to management.
• Representing Cyber Defense as needed on security related or risk related initiatives or working groups where technical skills and security expertise are required.
• Proactively protecting, monitoring, investigating and resolving threats to secure user environment and company assets.

 

Experience and Skills: 

• 3 or more years of security industry experience preferably in a Security Operations Center (SOC) environment 
• Experience with the following highly desirable: 
  • Security Information and Event Management Tools (Arcsight, Splunk, etc.) 
  • Intrusion Prevention/Detection Tools (FirePower, McAfee) 
  • Database Security Tools (Guardium, jSonar) 
  • Data Loss Prevention Tools (Symantec, Triton, etc.) 
  • Firewalls (Cisco, Palo Alto, Check Point etc.) 
• Application Security Tools (Web Application Firewalls) 
• Vulnerability tools 
• Cyber Security Incident Response 
• Host Intrusion Detection Systems 
• XDR and Antivirus Tools (Crowdstrike, Symantec, MS Defender) 
• Strong verbal and written communication skills including the ability to communicate technical concepts to non-technical audiences. 
• Excellent critical thinking, problem-solving, and decision-making skills. 
• Must possess active listening, attention to detail, customer service, prioritization, and problem-solving skills. 
• Ability to work independently or strategically. 

• Experience adapting and demonstrating flexibility while working in a dynamic environment. 

   

 

Education and Certifications 

• Bachelor’s Degree or equivalent combination of experience 
• A combination of relevant industry certifications preferred (e.g. Net+, Sec+, CySA+, CEH, Pentest+, GCFA, GSOC, AWS Certified Cloud Practitioner, Microsoft Azure Fundamentals) 

 

Hours & Work Schedule 

Hours per Week:  40 Hrs. (4 days per week) 

Work Schedule:  7:00AM – 5:00PM (Tuesday - Friday)

Location: One Citizens Way, Johnston, RI - Citizens Bank Johnston Campus (this is not a remote opportunity) 

Pay Transparency

The salary range for this position is $84,000 - $100,000 per year, plus an opportunity to earn an annual discretionary bonus. Actual pay is based on various factors including but not limited to the work location, and relevant skills and experience.

We offer competitive pay, comprehensive medical, dental and vision coverage, retirement benefits, maternity/paternity leave, flexible work arrangements, education reimbursement, wellness programs and more. Note, Citizens’ paid time off policy exceeds the mandatory, paid sick or paid time-away policy of every local and state jurisdiction in the United States. For an overview of our benefits, visit https://jobs.citizensbank.com/benefits .

Some job boards have started using jobseeker-reported data to estimate salary ranges for roles. If you apply and qualify for this role, a recruiter will discuss accurate pay guidance.

Equal Employment Opportunity

Citizens, its parent, subsidiaries, and related companies (Citizens) provide equal employment and advancement opportunities to all colleagues and applicants for employment without regard to age, ancestry, color, citizenship, physical or mental disability, perceived disability or history or record of a disability, ethnicity, gender, gender identity or expression, genetic information, genetic characteristic, marital or domestic partner status, victim of domestic violence, family status/parenthood, medical condition, military or veteran status, national origin, pregnancy/childbirth/lactation, colleague’s or a dependent’s reproductive health decision making, race, religion, sex, sexual orientation, or any other category protected by federal, state and/or local laws. At Citizens, we are committed to fostering an inclusive culture that enables all colleagues to bring their best selves to work every day and everyone is expected to be treated with respect and professionalism. Employment decisions are based solely on merit, qualifications, performance and capability.