Cyber Threat Operations Analyst

Job Description

General Summary:

The Cyber Threat Operations (CTOps) User Behavior analyst is responsible for managing activities relating to user behavior monitoring, insider threat detection, and responding to security events. Additionally, this position is responsible for participation in the Cyber Security Incident Response Team (CSIRT). The CTOps User Behavior Analyst works with multiple technology platforms and interfaces with other groups within IT security operations, IT security architecture, Legal and Privacy staff, Global Security, offshore partners, and other technology and business functions.  The scope of duties for the CTOps User Behavior Analyst’s toolkit includes Forcepoint, Proofpoint, M365, CrowdStrike and Palo Alto products. 

Key Duties and Responsibilities:​

• Experience managing data loss prevention (DLP) and conducting Insider Threat investigations, with knowledge of industry tools such as Forcepoint, Proofpoint, CrowdStrike, Palo Alto, M365, CASB solutions along with open-source research.
• Contribute to the company information and digital security strategy and roadmap.
• Evaluate and update CSOC, Threat Operations and User Behavior Monitoring policies and procedures as appropriate.
• Oversee a team of associates and (potentially) onsite and offsite contractors to monitor for and respond to security events 24x7x365. 
• Provide cybersecurity incident response leadership, as well as running postmortem exercises. 
• Create measurable benchmarks for the organization to show progress (or deficiencies requiring additional attention). 
• Plan and conduct regular incident training such as tabletop exercises, to include all members of the extended response team to foster incident plan and procedure familiarity and team training.  Conduct these exercises at different levels including senior management and technical team. 
• Automate repetitive tasks and drive efficiencies so analysts can work on more advanced tasks.  
• Manage security event investigations, partnering with other departments as needed. 
• Integrate threat intelligence into cyber threat operations. 
• Develop metrics and scorecards to measure risk to the organization, as well as effectiveness and efficiency of CSOC and Threat Operations activities. 
• Partner with the security engineering team to improve tool usage and workflow, as well as with the advanced threats and assessment team to mature monitoring and response capabilities. 
• Perform other duties as assigned. 

Knowledge and Skills:

• Excellence in communicating business risk from cybersecurity issues. 
• Track record of acting with integrity, taking pride in work, seeking to excel, being curious and adaptable, and communicating effectively.
• The role requires familiarity with recent threats and adversarial techniques, as well as the ability to quickly understand complex environments.
• Business and interpersonal skills are essential to manage risk to the business, interface with other business units and develop CSIRT responders.
• The CTOps Analyst contributes to the company information and digital security strategy and roadmap, and is an excellent communicator at both the staff and executive levels. 
• Experience in investigations using formal chain-of-custody methods, forensic tools and best practices. 
• Experience managing security information and event management (SIEM) systems, threat intelligence platforms, security automation and orchestration solutions, intrusion detection and prevention systems (IDS/IPS), file integrity monitoring (FIM), data loss prevention (DLP) and other network and system monitoring tools. 

Education and Experience:

• At least 5+ years of information security monitoring and response or related experience.  
• Experience operating in a 24x7 operational environment. 
• Bachelor’s degree in computer science, information assurance, MIS or related field, or equivalent
• Experience driving measurable improvement in monitoring and response capabilities at scale. 
• CISSP, CISM and/or SANS certification a plus. 
• Effective communicator with ability to influence business units.  
• Analytical and problem-solving mindset. 
• Highly organized and efficient. 
• Leverages strategic and tactical thinking. 
• Works calmly under pressure and with tight deadlines.  
• Demonstrates effective decision-making skills. 
• Is highly trustworthy; leads by example. 

​

Pay Range:

Disclosure Statement:

Flex Designation:

Flex Eligibility Status:

In this Remote-Eligible role, you can choose to be designated as: 
1.    Remote: work remotely five days per week and come into the office on occasion – you’re always welcome on-site; or select 
2.    Hybrid: work remotely up to two days per week; or select
3.    On-Site: work five days per week on-site with ad hoc flexibility.

Note: The Flex status for this position is subject to Vertex’s Policy on Flex @ Vertex Program and may be changed at any time. 

Company Information

Vertex is a global biotechnology company that invests in scientific innovation.

Vertex is committed to equal employment opportunity and non-discrimination for all employees and qualified applicants without regard to a person's race, color, sex, gender identity or expression, age, religion, national origin, ancestry, ethnicity, disability, veteran status, genetic information, sexual orientation, marital status, or any characteristic protected under applicable law. Vertex is an E-Verify Employer in the United States. Vertex will make reasonable accommodations for qualified individuals with known disabilities, in accordance with applicable law.

Any applicant requiring an accommodation in connection with the hiring process and/or to perform the essential functions of the position for which the applicant has applied should make a request to the recruiter or hiring manager, or contact Talent Acquisition at [email protected]