Information Security Engineering & Operations Analyst

The JFG Information Security Engineering & Operations Analyst plays a key role in supporting JFG's Identity & Access Management (IAM), Cyber Threat Management, and Vulnerability Management services. This role helps support IAM services to provision, deprovision, and certify access to JFG systems. It also helps detect, analyze, hunt for, and report on cybersecurity events related to malware, network intrusion, and data loss protection and insider threat incidents. This role is also responsible for finding and reporting on internal and external vulnerabilities on JFG systems. This role will be supported by a Managed Detection & Response (MDR) services and Identity & Access Management Managed services. Occasional off-hour and weekend work will be expected. Very little (less than 5%) business travel is expected in this role.

This role will be located in Racine, Wisconsin. Ability to come in-office would be required (working a hybrid schedule.)

KEY RESPONSIBILITIES:

• Detect, analyze, contain, and remediate threats and vulnerabilities across the JFG environment.
• Operate and support vulnerability management, data loss protection, cybersecurity monitoring, cybersecurity incident response, intrusion analysis, root-cause-analysis (digital forensics), cyber-threat intelligence, and malware analysis technologies.
• Lead and report on incidents involving malware, network intrusion, insider-threat, internal investigations and litigation support activities.
• Incorporate Cyber Threat Intelligence into operational signal intelligence and reporting.
• Proactively investigate JFG environment for threats based on Cyber Threat Intelligence and known threat methods and patterns (aka Threat Hunting).
• Operate and support Identity Governance and Administration technologies to support timely on/off-boarding of people and regular access governance reviews to ensure appropriate access.
• Support weekly/monthly/quarterly/annual operational metrics, reports and dashboards.
• Assist with maintaining the Cybersecurity Incident Response Plan.
• Collaborate on the continuous improvement of Information Security Operations processes, workflows, and procedures (e.g. RunBooks).
• Automate repetitive tasks and drive efficiencies with measurable benchmarks to show progress.

JOB REQUIREMENTS:

• Associates degree in Information Security, Cybersecurity preferred
• 0-2 years' experience
• Types of certification preferred: Security+, CEH, SSCP
• Experience with Python and PowerShell scripting languages for automation preferred
• Good report writing and communication skills
• Has a basic understanding of the Information Security platforms at JFG, common Information Security controls and frameworks, networking concepts and technologies, as well as Windows and Linux environments

Johnson Financial Group supports and is committed to the principle of equal employment opportunity. We make all employment-related decisions without regard for an individual's race, color, religion, sex, sexual orientation, age, national origin, citizenship, disability, veteran status, or any other protected status as required by law.