Senior Cyber Security Analyst
Herndon, VA

Job Description

Do you have a passion for Cyber Security and a good understanding of Security concepts? If you have proven Security Analysis experience and would like to be part of a team that is the first line of Security defense for the organization, apply to join Freddie Mac's Cyber Security division. As a Senior Cyber Security Analyst, you will be part of the Cyber Security Operations Center team at Freddie Mac and will help carry the Information Security department's vision of reducing information risk by ensuring and enhancing the Confidentiality, Integrity and Availability of Information systems at Freddie Mac. You will report to the Manager of the Cyber Security Operations Center.

Your Work Falls into Three Primary Categories:

Threat Hunting

* Use knowledge of tactics, techniques, and procedures associated with malicious activities to develop hunt plans.
* Responsible for analyzing logs and performing log correlations to identify anomalous/malicious behavior utilizing hunt plans/techniques.
* Establish processes and procedures for carrying out Threat Hunting and response, and for documenting results/metrics.
* Hands-on experience with packet analysis and usage of deep packet inspection tools.
* Work with Threat Detection (Content Development) team to explore new use cases for hunting activities that can be automated.
* Review existing alerts, identify opportunities for tuning and work with Content development team to test and implement them.
* Participate in review of new SIEM use cases and develop runbooks that provide guidelines for analyzing specific threats related to the new use cases.

Collaboration

* Collaborate with Threat Detection team to understand various log sources, determine detection coverage of TTPs and develop hunt plans accordingly.
* Coordinate response, triage and escalation of security events affecting the company's information assets and activities with the Incident Response team.
* Coordinate with Forensics Team for analysis of malware samples, obtain IOCs and implement necessary preventive measures.
* Partner with Business/IT stakeholders to identify, detect and prevent security threats the organization faces.
* Provide guidance to build the necessary controls to execute the Threat Hunting function.
* Present to different audiences (business, technical and management) and adjust accordingly, in either structured or ad-hoc presentations.

Align with Industry best practices

* Review new Threats, determine need for hunting use cases and develop/execute hunt plans to determine impact to the environment.
* Evaluate hunting techniques on a periodic basis to ensure that they are still relevant, support monitoring of security risks, have the right data sources and are providing value.
* Review existing runbooks to determine if they capture the requirements, how SIEM correlates the events, frequency of job execution and generic guidelines that provide analysts a comprehensive understanding of security use cases and how to address them.
* 5+ years of Information Security or related risk management experience.
* 2+ years of hands-on Information Security Threat Hunting experience.
* Knowledge of common tactics used by attackers and methods for detection including development of detection signatures (YARA, SNORT).
* Knowledge and experience working with Hunting Maturity Model (HMM) and/or MITRE ATT&CK framework.
* Experience with monitoring Security events from SIEM, Threat Intelligence, end user notifications, etc., to determine security risk and respond accordingly.
* Strong knowledge of enterprise detection technologies and processes (Advanced Threat Detection Tools, IDS/IPS, Network Packet Analysis, Endpoint Protection).
* Advanced knowledge of network protocols and operating systems (Windows, Unix, Linux, Databases).
* Experience with monitoring/hunting in Cloud environments.
* Bachelor's degree in Information Security, Computer Science, Information Technology, related field or equivalent work experience.
* Relevant security knowledge and experience in two of the following areas: security operations, incident response, network/host intrusion detection, threat hunting.
* Ability to communicate clearly, effectively, persuasively and credibly with internal management and external senior level oversight entities.

Key to Success in this Role

* Self-starter and self-motivated.
* Ability to work & collaborate effectively in a team environment.
* Sense of urgency and ability to apply a risk-based approach to prioritize work.
* Ability to communicate clearly, effectively, persuasively with technology and business stakeholders.
* Motivated to learn new technologies and identify process improvements and efficiencies.
* Ability to adapt to change while continuing to deliver on assigned objectives.
* Strong verbal and written communications skills.

Top 3 Personal Competencies to Possess

* Drive for Execution - Be accountable for strong individual and team performance
* Partnership - Build trust and strong partnerships through your own and team's actions
* Growth and Development - Know or learn what is needed to deliver results and successfully compete
* CySA+, GCIA, GCFA, GNFA, CISSP or similar certifications
* Passion for Cyber Threat Hunting, analysis, and finding unknown threats in the environment
* Experience in financial services industry

Today, Freddie Mac makes home possible for one in four home borrowers and is one of the largest sources of financing for multifamily housing. Join our smart, creative and dedicated team and you'll do important work for the housing finance system and make a difference in the lives of others. Freddie Mac is an equal opportunity and top diversity employer. EOE, M/F/D/V.
