Refer Job: Send to a Friend
  • Share this on Facebook
  • Share this on LinkedIn

Add Add to Saved Jobs

Back

Senior Security Analyst

Innovate to solve the world's most important challenges

Honeywell Global Security (HGS) believes in integrating security into all aspects of our business to protect the people, processes, and assets by which Honeywell achieves its greater mission. Advancements in technology, contractual and regulatory requirements, emerging threats, and Honeywell's growth worldwide continue to challenge all of us to ensure everything we do in business is done securely. 
 
The Security Operations Center (SOC) is searching for an incident response analyst with extensive experience in forensic analysis of compromised systems and the ability to reverse engineer malware. The preferred candidate should also be able to formulate and direct incident response efforts, prioritize those response efforts, and create legible incident reports that describe the compromise vector, attacker methodologies, and artifacts of data ex-filtration. Candidate must be highly motivated with the ability to self-start, prioritize, and multi-task within a team and coordinate work actions.
 
You will have the opportunity to take your proven experience and…
  • Apply an understanding of Government & Organizational Regulations including NIST, CUI, ISO
  • Influence leadership and create partnership with businesses and functional leaders to build a cyber safety culture
  • Willingness to serve as a member of an Incident Response Team (IRT) and respond to emergency calls during non-business hours, as needed and participate in on-call rotation
20 Cyber Security Incident Response
20 Forensic Analysis
20 Vulnerability Risk Assessments
20 Malicious Software Reverse Engineering
20 Security Research
YOU MUST HAVE 
  • Bachelor’s degree in a computer related field such as Computer Science, Computer Information Systems, Electronics or in lieu of degree, directly related experience
WE VALUE 
  • Experience performing forensic analysis of Windows and Unix systems to identify compromise artifacts
  • Strong experience with malware analysis and reverse engineering
  • Experience in building sandbox/test lab environments to evaluate malicious code 
  • Experience with log management and/or SIEM technologies such as Splunk, ArcSight, and LogLogic 
  • Scripting and programming experience (e.g., Python, Perl, C, C++, Java, Assembly Language, Shell Scripting) 
  • Experience with databases and SQL
  • Ability to identify actionable indicators of compromise based upon analysis of malware of forensic data 
  • Strong research background and an analytical approach, especially with respect to event classification, event correlation, and root cause analysis
  • Experience performing incident response with an emphasis on system compromise analysis 
  • Experience performing security reviews/vulnerability risk assessments of network environments using both manual procedures and automated analysis tools. 
  • Possesses a solid understanding of the TCP/IP protocol suite, security architecture, and remote access security techniques/products. 
  • Experience with enterprise anti-virus solutions, virus outbreak management, and the ability to differentiate virus activity from directed attack patterns. 
  • Creation of tools to automate analysis of malicious binaries. 
  • Ability to perform network based forensics and log analysis 
  • Strong understanding of incident response methodologies and technologies 
  • Ensure the confidentiality, availability, and integrity of SOC data sources 
  • Ability to react quickly, decisively, and deliberately in high stress situations 
  • Strong verbal/written communication and interpersonal skills are required to document and communicate findings, escalate critical incidents, and interact with customers 
  • Technical certifications considered an asset are:  CISSP,GCIH, GCIA, GCFA, GPEN, GCFE, CCNA, CCNP
 
Due to US export control laws, must be a US citizen, permanent resident or have protected status. Exempt How Honeywell is Connecting the World

INCLUDES

  • Continued Professional Development

ADDITIONAL INFORMATION

  • Job ID: req136093
  • Category: Information Technology
  • Location: 1300 W Warner Rd., Tempe, AZ 85284 USA

Honeywell is an equal opportunity employer. Qualified applicants will be considered without regard to age, race, creed, color, national origin, ancestry, marital status, affectional or sexual orientation, gender identity or expression, disability, nationality, sex, or veteran status.