Busey
Overview
Senior IT Security Analyst at Busey.
The Senior IT Security Analyst is responsible for managing activities relating to monitoring and responding to security events. The analyst monitors application, host, and network threats, including external threat actors and rogue insiders. As a trusted member of the Information Security team and industry community, the analyst works closely with internal technical teams, business units, and external entities aligned with the business, including private intelligence-sharing groups, law enforcement, and government agencies. The analyst conducts in-depth research, documents threats, understands the risk to the business, and shares information with those who need to know. The role requires staying current on attacker methods and continually learning and growing in security discipline. This is not a passive career opportunity; it requires a passion for security and rigor to protect the business.
Duties & Responsibilities
Develop, manage, and maintain threat intelligence and threat hunting program and processes. Regularly research and identify emerging threats and TTPs in public and closed forums; work with colleagues to assess risk and implement/validate controls. Assist with Security Operations activities, including triage of alarms/alerts, and performing technical security assessments. Participate in a call tree for outsourced Security Operations Center to assist with triage and remediation of critical and high-rated alerts escalated during and after business hours. Research and recommend solutions to fulfill regulatory compliance with FFIEC, Sarbanes-Oxley, Gramm-Leach-Bliley, and other applicable financial services regulations. Perform periodic reviews of IT procedures and security of all systems to maintain integrity of company and customer data. Document and verify IT-related changes in accordance with security policies and procedures. Research and recommend hardware and software solutions to augment or enhance existing security measures. Stay current in events and trends in IT security; investigate and report security violations and incidents with appropriate protective measures. Conduct scheduled reviews of key application security settings. Develop metrics and scorecards to measure risk to the organization, and effectiveness/efficiency of SOC associates. Assist in process development and improvements to maximize department efficiency and program effectiveness. Support audit and incident processes as required. Monitor and support internal SIEM systems, reports, and searches. Monitor and support internal phishing email report systems and reports. Partner with cross-functional teams and establish strong liaison relationships with key internal business and technology teams. Coach levels I & II on security domains and program processes; VP Security may determine a Team Lead designation for Level III as needed. Participate in security work streams for various enterprise projects and initiatives. Determine and communicate security risk postures to partners and leaders as appropriate.
Knowledge Of
Strong experience with threat information sharing and threat hunting processes to proactively identify threats in medium to large environments. Proficient with SIEM tools, threat intelligence platforms, and SOAR solutions to centralize incident and remediation workflow. Knowledge of networking concepts and securing traffic across LAN, WAN, and Internet infrastructure. Proficiency in Windows, Linux, and macOS for threat research and incident response. Experience in incident handling and investigation including chain-of-custody methods and forensic tools. Understanding of adversary TTPs, MITRE ATT&CK, and CVSS. Scripting capability in Python, Bash, Perl, RegEx, or PowerShell. Familiarity with cloud architectures, security standards, and best practices. Strong oral and written communication skills; strong organizational skills and attention to detail; excellent interpersonal skills.
Ability To
Analyze incident logs, attack vectors, vulnerabilities and exploits. Take independent action within established options and develop new procedures when necessary. Analyze assignments based on a wide knowledge of many factors requiring advanced/technical concepts. Self-starter requiring minimal supervision; highly organized and efficient. Demonstrated strategic and tactical thinking; stay current with evolving threat landscape. Perform duties and make decisions under time pressures.
Education And Training
(Preferred) Bachelor’s degree in Computer Science, MIS, or related field, or equivalent work experience. On-the-job training in security operations, threat intel and hunting, system administration, incident response, or equivalent. Security+, CySA+, GCIH, CSA, CCSP or similar certification; or willingness to pursue certification within the first six months of hire. At least 5 years of experience in SOC environments, threat intelligence/hunting, or security systems administration. Knowledge of Microsoft Office and other productivity tools.
Benefits And Compensation
Salary offered is based on factors including job duties, required qualifications and relevant experience, and local market trends. The role may be eligible for bonus or incentives based on company and individual performance. Base Pay Range: $86,000 - $123,000/year. Busey provides a Total Rewards package including 401(k) match, profit sharing, employee stock purchase plan, paid time off, medical/dental/vision, life insurance, disability coverage, wellness incentives, employee assistance program, pre-tax health savings accounts, and flexible spending accounts. Visit Busey Total Rewards for more information.
Equal Opportunity
Busey is an Equal Opportunity Employer including Disability/Vets. We value a diverse and inclusive workplace and are committed to recruiting, developing and retaining exceptional talent. Visit Busey.com/Careers to learn more.
Unsolicited Resumes
Busey Bank and its subsidiaries do not accept liability for fees for resumes from recruiters or employment agencies without a binding, written recruitment agreement. Busey may consider candidates submitted by agencies with an Agreement and reserves the right to hire those candidates without financial obligation to the Agency. Agencies without an Agreement are requested not to contact Busey associates with recruiting inquiries or resumes.