Lead Cyber Hunter, National Incident Response Team - Federal Reserve (East Rutherford, NJ)
At the Federal Reserve Bank of New York, the work we do is consequential and challenging. Our environment encourages growth and diversity. Our employees flourish in a team-oriented atmosphere and are dedicated to the important mission of the New York Fed.
The National Incident Response Team (NIRT), a national service provider for the Federal Reserve System, delivers effective and efficient national intrusion detection, incident response, security intelligence, threat assessment, and vulnerability assessment services for the Federal Reserve System. The mission of the National Incident Response Team is to play a leading role in the Federal Reserve System's efforts to protect its information systems against unauthorized use. Your role as a Lead Cyber Hunter:
The mission of NIRT's Incident Detection and Analysis (IDA) team is to be an agile team that effectively detects, analyses and investigates information security incidents for its customers. The team is focused on ensuring the security and integrity of critical enterprise systems and environments through the use of various analytical data mining techniques and automated tactics. As a Lead Cyber Hunter, you are responsible for spear-heading the NIRT's cyber hunting capabilities holistically. Through partnerships as well as internal and external data collection and mining, you will search for deep, persistent threats that may not be detected by traditional techniques. You are also responsible for expanding the team's cyber hunting capabilities through cross-training; you will serve as a cyber hunter subject matter expert for the NIRT. Furthermore you will execute core detection responsibilities in order to remain familiar with operational data.
Qualifications: What we are looking for:
- Leads investigations through data analysis and information gathering.
- Performs pro-active hunting for intelligence related to malicious activity that can impact the FRS network and digital assets.
- Maintain knowledge of relevant adversary TTPs in order to help ensure that the offensive landscapes informs the team's defensive posture.
- Produce reports and presentations to illustrate results of cyber hunting activities.
- Plans and executes formal cyber hunt engagements for customers.
- Coordinate with intelligence analysts to take action on relevant intelligence products.
- Cross-trains detection analysts to expand the IDA team's cyber hunting capabilities through the development of a remote and onsite cyber hunting training package that supports individual and team training.
- Utilizes detection techniques from successful hunt engagements to provide feedback to the automation team.
- Provides input and technical expertise during 0-day scenarios, where existing detection fails to catch emerging TTPs.
- Ability to work weekends on a rotational basis with the rest of the team to ensure 24x7 coverage of Threat Analysis Center (TAC).
The Federal Reserve Bank of New York is committed to a diverse workforce and to providing equal employment opportunity to all persons without regard to race, color, religion, national origin, sex, sexual orientation, gender identity, age, genetic information, disability, or military service. Why the Fed:
- Bachelor's degree in Computer Science, Cybersecurity, Information Assurance or a domain related field or an equivalent combination of education and work experience.
- Ability to obtain and maintain National Security Clearance, which includes US Citizenship.
- 4 years of cyber security work experience, with at least 2 years of cyber hunting experience.
- Hands on experience performing incident detection and analysis in a 24x7 operational environment is a plus.
- Proven ability to collaborate, build relationships and influence individuals at all levels in a matrix-management environment.
- Strong security platform and technology capabilities; SIEM utilization skills with the ability to review and analyze security events from various monitoring and logging sources to identify and/or confirm suspicious activity.
- In-depth knowledge of, and experience with, cloud computing technology.
- In-depth knowledge of, and experience with, TCP/IP protocol and network/packet analysis.
- In-depth knowledge of current security threats, techniques, and landscape, as well as a dedicated and self-driven desire to research current information security landscape.
- In-depth conceptual and practical understanding of IT Infrastructure designs, technologies, products, and services. This should include knowledge of networking protocols, firewall functionality, host and network intrusion detection systems, operating systems, databases and
- other technologies.
- Working knowledge of Microsoft Office products, including Visio and Project.
Working at the Federal Reserve Bank of New York positions you at the center of the financial world with a unique perspective on national and international markets and economies. You'll work in an environment with a diverse group of talented professionals to foster and support the safety, soundness, and vitality of our economic and financial systems. It's a challenge that demands the skills of a financial services professional and the intellectual curiosity of an academic—all combined with a passion for public service.
The Federal Reserve Bank of New York is committed to a work environment that respects and fully values the strengths and differences of its people. Working at the New York Fed provides talented professionals the chance to grow their skills at an institution that has served a critical role in the financial system of the United States and the world for over a century. An important component of the Bank’s diversity effort is our partnership with several professional non-profit organizations, including INROADS, JumpStart Advisory Group, NBDC Emerging Leaders, Seizing Every Opportunity, National Black MBA, Out for Undergrad, Prospanica and Reaching Out MBA.