Sr Cyber Threat Analyst

<span class="jobdescription"><p style="margin-bottom:11.0px;text-align:justify"><span style="font-size:12.0pt;font-family:verdana, geneva, sans-serif">Join a dynamic team at the pulse of global markets, where we deliver innovative software and service solutions for essential financial reporting and capital markets transactions. At DFIN, we are a values-driven organization that empowers you to build a fulfilling career while bringing your authentic self to work every day. Our <em>“Win as One”</em> mentality ensures that our team’s success is directly linked to Client, Shareholder and Employee Satisfaction.</span></p> <p style="margin-bottom:11.0px;text-align:justify"> </p> <p style="margin-bottom:11.0px;text-align:justify"><span style="font-size:12.0pt;font-family:verdana, geneva, sans-serif">Recognized as one of <em>AMERICA'S MOST LOVED WORKPLACES®</em> for five consecutive years and a <em>Built In Best Places to Work</em> for six years, we are committed to our employees’ total well-being. Enjoy competitive compensation, a flexible workplace, comprehensive benefits, and opportunities for professional growth.  Bring your passion and talents to DFIN – because being YOU thrives here. </span></p><div><div style="padding:10.0px 0.0px;border:1.0px solid transparent"><div style="font-size:16.0px;word-wrap:break-word"><h2 style="font-size:1.0em;margin:0.0px"><b>Summary:</b></h2> </div><div><p><span style="font-family:verdana, geneva, sans-serif;font-size:12.0pt">The Senior Cyber Threat Analyst will lead efforts to investigate cybersecurity incidents from end-to-end, engaging and coordinating peer teams, stakeholders, and external entities as necessary. This person will play a role of subject matter expert in the areas of incident response, threat hunting, and forensics. The Senior Cyber Threat Analyst will author incident response runbooks and mentor cyber threat analysts in incident response and digital forensics methodologies.</span></p></div></div><div style="padding:10.0px 0.0px;border:1.0px solid transparent"><div style="font-size:16.0px;word-wrap:break-word"><h2 style="font-size:1.0em;margin:0.0px"><b>Responsibilities:</b></h2> </div><div><ul> <li style="font-size:12.0pt;font-family:verdana, geneva, sans-serif"><span style="font-size:12.0pt;font-family:verdana, geneva, sans-serif">Lead incident response activities to identify, assess, contain, mitigate all observed threats and document all investigational efforts for multiple audiences</span></li> <li style="font-size:12.0pt;font-family:verdana, geneva, sans-serif"><span style="font-size:12.0pt;font-family:verdana, geneva, sans-serif">Develop and operationalize incident response runbooks with an emphasis on automation and ability to measure incident response effectiveness (Develop/track KPIs)</span></li> <li style="font-size:12.0pt;font-family:verdana, geneva, sans-serif"><span style="font-size:12.0pt;font-family:verdana, geneva, sans-serif">Document and track incident response investigations, including observed IOCs and TTPs, system(s) impacted, criticality and scope of any data exposure, lessons learned, follow-up items</span></li> <li style="font-size:12.0pt;font-family:verdana, geneva, sans-serif"><span style="font-size:12.0pt;font-family:verdana, geneva, sans-serif">Act as a liaison between a diverse group of teams including engineering, security, and network & system operations to ensure effective adoption of incident response requirements and operational considerations</span></li> <li style="font-size:12.0pt;font-family:verdana, geneva, sans-serif"><span style="font-size:12.0pt;font-family:verdana, geneva, sans-serif">Act as incident manager for all declared cyber security incidents</span></li> <li style="font-size:12.0pt;font-family:verdana, geneva, sans-serif"><span style="font-size:12.0pt;font-family:verdana, geneva, sans-serif">Conduct traditional forensic and data acquisition activities utilizing industry standard commercial and open-source toolsets</span></li> <li style="font-size:12.0pt;font-family:verdana, geneva, sans-serif"><span style="font-size:12.0pt;font-family:verdana, geneva, sans-serif">Identify, analyze, and interpret trends or patterns in complex data sets</span></li> <li style="font-size:12.0pt;font-family:verdana, geneva, sans-serif"><span style="font-size:12.0pt;font-family:verdana, geneva, sans-serif">Work with the functional business areas as needed during incident response investigations</span></li> <li style="font-size:12.0pt;font-family:verdana, geneva, sans-serif"><span style="font-size:12.0pt;font-family:verdana, geneva, sans-serif">Develop, customize, and maintain reporting around key metrics related to investigational and threat hunting activities</span></li> <li style="font-size:12.0pt;font-family:verdana, geneva, sans-serif"><span style="font-size:12.0pt;font-family:verdana, geneva, sans-serif">Serve as a trusted advisor to the team Lead, Manger, and the SVP, and CISO on sensitive matters warranting confidentiality</span></li> <li style="font-size:12.0pt;font-family:verdana, geneva, sans-serif"><span style="font-size:12.0pt;font-family:verdana, geneva, sans-serif">Communicate and present issues/investigation results to peer and executive-level audiences</span></li> <li style="font-size:12.0pt;font-family:verdana, geneva, sans-serif"><span style="font-size:12.0pt;font-family:verdana, geneva, sans-serif">Demonstrate subject matter expertise across most technology domains</span></li> <li style="font-size:12.0pt;font-family:verdana, geneva, sans-serif"><span style="font-size:12.0pt;font-family:verdana, geneva, sans-serif">Perform other duties as assigned</span></li> </ul></div></div><div style="padding:10.0px 0.0px;border:1.0px solid transparent"><div style="font-size:16.0px;word-wrap:break-word"><h2 style="font-size:1.0em;margin:0.0px"><b>Qualifications:</b></h2> </div><div><div> <ul> <li style="font-family:verdana, geneva, sans-serif;font-size:12.0pt"><span style="font-family:verdana, geneva, sans-serif;font-size:12.0pt">Bachelor’s degree with 8+ years of relevant experience or 10+ years of equivalent experience through work and education</span></li> <li style="font-family:verdana, geneva, sans-serif;font-size:12.0pt"><span style="font-family:verdana, geneva, sans-serif;font-size:12.0pt">8+ years of cybersecurity investigation and incident response experience</span></li> <li style="font-family:verdana, geneva, sans-serif;font-size:12.0pt"><span style="font-family:verdana, geneva, sans-serif;font-size:12.0pt">Strong understanding of operating systems (Windows, macOS, Linux, Unix, mobile)</span></li> <li style="font-family:verdana, geneva, sans-serif;font-size:12.0pt"><span style="font-family:verdana, geneva, sans-serif;font-size:12.0pt">Experience investigating incidents in cloud environments (SaaS, PaaS, and other cloud platforms)</span></li> </ul> <p><span style="font-family:verdana, geneva, sans-serif;font-size:12.0pt"><strong>Preferred Qualifications:</strong></span></p> <ul> <li style="font-family:verdana, geneva, sans-serif;font-size:12.0pt"><span style="font-family:verdana, geneva, sans-serif;font-size:12.0pt">Security certifications (e.g., CISSP, GSEC, GCFA, GCFE)</span></li> <li style="font-family:verdana, geneva, sans-serif;font-size:12.0pt"><span style="font-family:verdana, geneva, sans-serif;font-size:12.0pt">Strong analytical and problem-solving skills</span></li> <li style="font-family:verdana, geneva, sans-serif;font-size:12.0pt"><span style="font-family:verdana, geneva, sans-serif;font-size:12.0pt">Knowledge across cybersecurity domains, including firewalls, IDS, and network security platforms</span></li> <li style="font-family:verdana, geneva, sans-serif;font-size:12.0pt"><span style="font-family:verdana, geneva, sans-serif;font-size:12.0pt">Experience leveraging threat intelligence in security operations</span></li> <li style="font-family:verdana, geneva, sans-serif;font-size:12.0pt"><span style="font-family:verdana, geneva, sans-serif;font-size:12.0pt">Advanced knowledge of cyber attack techniques and mitigation strategies</span></li> <li style="font-family:verdana, geneva, sans-serif;font-size:12.0pt"><span style="font-family:verdana, geneva, sans-serif;font-size:12.0pt">Ability to assess risk using qualitative and quantitative methods</span></li> <li style="font-family:verdana, geneva, sans-serif;font-size:12.0pt"><span style="font-family:verdana, geneva, sans-serif;font-size:12.0pt">Strong communication skills for technical and leadership audiences</span></li> <li style="font-family:verdana, geneva, sans-serif;font-size:12.0pt"><span style="font-family:verdana, geneva, sans-serif;font-size:12.0pt">Proven ability to handle confidential data and follow procedures</span></li> <li style="font-family:verdana, geneva, sans-serif;font-size:12.0pt"><span style="font-family:verdana, geneva, sans-serif;font-size:12.0pt">Ability to perform effectively in fast-paced, high-pressure environments</span></li> <li style="font-family:verdana, geneva, sans-serif;font-size:12.0pt"><span style="font-family:verdana, geneva, sans-serif;font-size:12.0pt">Expertise in incident response, digital forensics, network traffic, log, and malware analysis</span></li> <li style="font-family:verdana, geneva, sans-serif;font-size:12.0pt"><span style="font-family:verdana, geneva, sans-serif;font-size:12.0pt">Familiarity with MITRE ATT&CK and ATLAS frameworks</span></li> <li style="font-family:verdana, geneva, sans-serif;font-size:12.0pt"><span style="font-family:verdana, geneva, sans-serif;font-size:12.0pt">Experience with SIEM, SOAR, and EDR tools for detection and response</span></li> </ul> </div></div></div></div><p style="text-align:justify"><span style="font-size:12.0pt;font-family:verdana, geneva, sans-serif">It is the policy of Donnelley Financial Solutions to select, place, and manage all its employees without discrimination based on race, color, national origin, gender, age, religion, actual or perceived disability, veteran status, actual or perceived sexual orientation, genetic information or any other protected status. </span></p> <p style="text-align:justify"> </p> <p style="text-align:justify"><span style="font-size:12.0pt"><span style="font-family:verdana, geneva, sans-serif">If you are a qualified individual w</span><span style="font-family:verdana, geneva, sans-serif">ith a disability or a disabled veteran, you have the right to request a reasonable accommodation if you are unable or limited in your ability to use or access <a href="http://jobs.dfinsolutions.com"><span style="color:#800080">jobs.dfinsolutions.com</span></a><span style="color:#800080"> </span>as a result of your disability.  You can request a reasonable accommodation by sending an email to <span style="font-family:verdana, geneva, sans-serif;font-size:12.0pt"><span style="color:#800080"><u>talentacquisition@dfinsolutions.com</u></span></span>. </span></span></p> <p style="text-align:justify"> </p> <p style="text-align:justify"><span style="font-family:verdana, geneva, sans-serif;font-size:12.0pt">At DFIN, protecting your identity is a top priority.  Please be aware of scammers impersonating DFIN recruiters.  DFIN recruiters will never request personal information via email or text.  You will only receive a text from us if you've already been in contact. All automated messages will come from<em> <span style="font-family:verdana, geneva, sans-serif;font-size:12.0pt"><span style="color:#800080"><u>talentacquisition@dfinsolutions.com</u></span></span></em>.  If you ever have doubts about the legitimacy of any communication from us, please do not hesitate to reach out for verification via <span style="color:#800080"><u>talentacquisition@dfinsolutions.com</u></span> (this email is for general TA questions and is not used for updates on your application status). #BI-Remote</span></p> </span>

Back to blog

Common Interview Questions And Answers

1. HOW DO YOU PLAN YOUR DAY?

This is what this question poses: When do you focus and start working seriously? What are the hours you work optimally? Are you a night owl? A morning bird? Remote teams can be made up of people working on different shifts and around the world, so you won't necessarily be stuck in the 9-5 schedule if it's not for you...

2. HOW DO YOU USE THE DIFFERENT COMMUNICATION TOOLS IN DIFFERENT SITUATIONS?

When you're working on a remote team, there's no way to chat in the hallway between meetings or catch up on the latest project during an office carpool. Therefore, virtual communication will be absolutely essential to get your work done...

3. WHAT IS "WORKING REMOTE" REALLY FOR YOU?

Many people want to work remotely because of the flexibility it allows. You can work anywhere and at any time of the day...

4. WHAT DO YOU NEED IN YOUR PHYSICAL WORKSPACE TO SUCCEED IN YOUR WORK?

With this question, companies are looking to see what equipment they may need to provide you with and to verify how aware you are of what remote working could mean for you physically and logistically...

5. HOW DO YOU PROCESS INFORMATION?

Several years ago, I was working in a team to plan a big event. My supervisor made us all work as a team before the big day. One of our activities has been to find out how each of us processes information...

6. HOW DO YOU MANAGE THE CALENDAR AND THE PROGRAM? WHICH APPLICATIONS / SYSTEM DO YOU USE?

Or you may receive even more specific questions, such as: What's on your calendar? Do you plan blocks of time to do certain types of work? Do you have an open calendar that everyone can see?...

7. HOW DO YOU ORGANIZE FILES, LINKS, AND TABS ON YOUR COMPUTER?

Just like your schedule, how you track files and other information is very important. After all, everything is digital!...

8. HOW TO PRIORITIZE WORK?

The day I watched Marie Forleo's film separating the important from the urgent, my life changed. Not all remote jobs start fast, but most of them are...

9. HOW DO YOU PREPARE FOR A MEETING AND PREPARE A MEETING? WHAT DO YOU SEE HAPPENING DURING THE MEETING?

Just as communication is essential when working remotely, so is organization. Because you won't have those opportunities in the elevator or a casual conversation in the lunchroom, you should take advantage of the little time you have in a video or phone conference...

10. HOW DO YOU USE TECHNOLOGY ON A DAILY BASIS, IN YOUR WORK AND FOR YOUR PLEASURE?

This is a great question because it shows your comfort level with technology, which is very important for a remote worker because you will be working with technology over time...