Regions Bank
Job Description
At Regions, the Cyber Security Analyst is responsible for analyzing, identifying, and documenting cybersecurity risks. This role requires a proactive individual with an understanding of core technology and cybersecurity principles, along with industry best practices, to investigate, remediate, and/or elevate issues for further evaluation.
Primary Responsibilities
Analyzes and responds to cyber threats within various security tools according to documented procedures and determines when deviations are necessary to gather required information.
Proactively identifies opportunities for tuning security tools, submits requests to support teams to enhance threat detection accuracy, and coordinates with related teams to see tuning through to completion.
Provides recommendations for updates to policies, standards, and procedures to improve process flows.
Performs threat hunting and participates as a key stakeholder in tabletop exercises on a rotational basis as needed.
Assists in incident response.
Maintains meticulous records of all work performed, including root‑cause analysis, indicators of compromise, remediation steps, timelines of events, and impact assessments using clear and concise annotations.
Mentors, reviews, and assists other analysts in their documentation and training.
Maintains awareness of global cybersecurity threat trends and proactively provides guidance where gaps may exist around existing detections and procedures.
Supports and collaborates with various cybersecurity teams to document security posture and assess the environment for relevant IOCs and gaps as needed.
Participates in and leads security assessments (e.g., Security Architecture Reviews, Red Team assessments, Purple Team engagements, and formal tabletop exercises) as needed.
Participates in and leads planning for cyber security engineering and architecture of new projects as needed.
Provides in‑depth guidance on process improvement.
Acts as a coach and mentor to junior analysts.
Leads special projects.
Serves as a subject‑matter expert (SME) within cybersecurity.
Requirements
High School Diploma or GED plus 10 years of related post‑secondary education and/or experience in Information Security or Information Technology.
Minimum of two relevant certifications in Information Security, or the ability to obtain relevant certification within twelve months of starting in this position (e.g., CompTIA Network+/Security+/CySA+, EC‑Council Certified Ethical Hacker (CEH), Cisco CCNA/CCNA‑Security, GIAC GSEC, etc.).
Familiarity with regulatory requirements and industry standards such as GLBA, PCI‑DSS, NIST, etc.
Willingness and availability to work on a pre‑determined shift and rotations on call.
Preferences
Minimum of one Intermediate to Advanced Amazon Web Services (AWS) or Azure Architect/Administrator and/or Security specialty certification.
Advanced Incident Response, Cyber Leadership, Penetration Testing certifications (e.g., GCIH, GSOM, GPEN, CISSP, CISM, OSCP).
Prior working experience in a Security Operations Center (SOC) environment.
Prior experience developing use cases for an SOC from threat hunting and threat detection engineering to investigation playbooks and response procedures.
Understanding of MITRE ATT&CK Framework and Cyberattack Kill Chain and how these frameworks identify gaps and orient analysts in attack progression.
Skills And Competencies
Self‑starter with initiative and drive for continuous improvement.
Team‑oriented individual who works well with others and values group success.
Advanced understanding of information security principles, controls, and technologies.
Strong organizational, research, analytical, and problem‑solving skills to evaluate situations and respond appropriately.
Excellent writing and verbal communication skills.
Strong familiarity with concepts related to security disciplines such as malware analysis, computer forensics, cyber incident response, network intrusion detection, packet analysis, penetration testing, vulnerability scanning, compliance, audit, or cyber threat intelligence.
Strong investigative and problem‑solving skills.
Additional Job Description
Strong understanding of the cyber threat landscape, including TTPs of threat actors.
Experience working with threat intelligence platforms and using tactical or strategic intel to determine relevant threats and plans of action.
Familiarity with MITRE ATT&CK/D3FEND/ATLAS frameworks and threat‑modeling methodologies.
Proficiency in analyzing indicators of compromise, malware, phishing, and network traffic.
Ability to write technical and executive reports and provide verbal briefings or presentations.
Experience with SIEM tools (e.g., Splunk, Elastic) and log analysis.
Familiarity with AI technologies, threats, and risk mitigation.
Position Type Full time
Compensation Details Pay ranges are job specific and are provided as a point‑of‑market reference for compensation decisions. Other factors directly impact pay for individual associates, including experience, skills, knowledge, contribution, job location, and performance.
Minimum Job Range Target:
$121,316.25 USD
Median:
$159,690.00 USD
Incentive Pay Plans:
Opportunity to participate in the Long Term Incentive Plan.
Benefits Information
Paid Vacation/Sick Time
401(k) with Company Match
Medical, Dental and Vision Benefits
Disability Benefits
Health Savings Account
Flexible Spending Account
Life Insurance
Parental Leave
Employee Assistance Program
Associate Volunteer Program
Please note, benefits and plans may be changed, amended, or terminated with respect to all or any class of associate at any time.
Learn more about Regions’ benefits: https://www.regions.com/about-regions/welcome-portal/benefits
Location Riverchase Operations Center
Hoover, Alabama
This position is intended to be onsite, now or in the near future. Associates will have regular work hours, including full days in the office three or more days a week. The manager will set the work schedule, including in‑office expectations. Regions will not provide relocation assistance; relocation would be at your expense. This position must be within a reasonable driving distance to Birmingham, AL or Charlotte, NC. Exceptions may be made for current Regions associates who work remotely.
Equal Opportunity Employer/including Disabled/Veterans
Job applications at Regions are accepted electronically through our career site for a minimum of five business days from the date of posting. Job postings for higher‑volume positions may remain active for longer than the minimum period due to business need and may be closed at any time at the discretion of the company.