Cyber Threat Defense Operations Analyst Job
Requisition ID: COM000652
MSD is a global health care leader with a diversified portfolio of prescription medicines, vaccines and animal health products.
The difference between potential and achievement lies in the spark that fuels innovation and inventiveness; this is the space where MSD has codified its 125-year legacy. MSD’s success is backed by ethical integrity, forward momentum, and an inspiring mission to achieve new milestones in global healthcare.
MSD’s Information Technology division partners with colleagues across the business to help serve our patients and customers around the world.
Ours is a high-energy team of dynamic, innovative individuals dedicated to advancing MSD’s contribution to global medical innovation by leveraging information and technology to efficiently advance the business by driving revenue and productivity.
Key Responsibilities:
Develops use cases and creates threat detection logic, rules, and alerting in the SIEM for response by IR analysts
Works with Threat Architects to identify and recommend new internal and external data sources to develop additional threat detection logic
Analyzes threat information gathered from logs, Intrusion Detection Systems (IDS), intelligence reports, vendor sites, and a variety of other sources, and recommends rules and other process changes to protect against the threats identified
Operationalizes Indicators of Compromise (IOCs) from intelligence feeds by developing, testing, and deploying monitoring and alerting rules into the SIEM
BA / BS or MA / MS in Engineering, Computer Science, Information Security, or Information Systems
Experience in one or more of the following areas: proactive and reactive hunt techniques, zero-day exploit activities, malware identification
Expert knowledge of network monitoring and network exploitation techniques
Experience with common attack vectors, including advanced adversaries (nation state / financial motivation)
Knowledge around common web application attacks including SQL injection, cross-site scripting, invalid inputs and forceful browsing
Ability to demonstrate analytical expertise, close attention to detail, excellent critical thinking, logic, and solution orientation and to learn and adapt quickly
Ability to learn and operate in a dynamic environment
Knowledge of how common protocols and applications work at the network level, including DNS, HTTP, and SMB
Strong written communication skills
Required certifications include Security+, CEH, GCIA, GCIH, CISSP, or similar
Experience working with cyber security tools and software such as Splunk, Symantec Endpoint Protection, TrendMicro Antivirus, McAfee Web Gateway, Check Point Firewalls, Blue Coat, Sourcefire, Active Directory, or other relevant cyber security assets
Nice to have:
Experience with scripting or programming, including Perl, Python, C, C++, C#, Java, Bash / Shell, or Batch is a plus
Experience developing detection logic for enterprise SIEM systems
Experience with exploitation techniques and use case development
Experience with IOC datasets (e.g., YARA, OpenIOC)
Your role at MSD is integral to helping the world meet new breakthroughs that affect generations to come, and we’re counting on your skills and inventiveness to help make meaningful contributions to global medical advancement.
At MSD, we’re inventing for life.