Security Analyst

Overview The Security Analyst II serves as Tier 1-2 Analyst member of the Bunge Global SOC and all operational activities that serve to protect the confidentiality, integrity and security management of business and employee information and systems in compliance with organization policies and standards. He/she will focus on structured tasks associated with proactive response, initial identification and remediation of suspicious network and host based activity. The candidate should display strong technical depth in TCP/IP protocols, malware and virus behavior, PC and server software, application and custom code. A solid technical background in computer vulnerabilities, attack vectors and exploits is required. Main Accountabilities Conduct Tier 2 advance Incident Response analysis to collect, store, and correlate, analyze, identify and respond to security data derived from sensors. Implement, configure, and optimize the detection and reporting capabilities of the company’s global security tool suite. Collect and analyze intrusion artifacts (e.g., event logs, source code, malware) and use discovered data to support incident response actions. Support, mentor and train Tier 1 Cyber Security Analysts Conduct rapid incident response activities and cyber event investigations, formulate technical response actions to mitigate/contain cyber events. Perform as part of the CTDO group, initial analysis, triage and response tasks of cyber events with the security team to operate a global SOC for Bunge to safeguard the company's assets, intellectual property and information systems. Knowledge and Skills Improve Bunge's outcomes by making data-driven decisions, keeping the customer at the forefront of all they do, and proactively gaining insight into the global strategy. Collaborate, effectively communicate with others and take initiative to continually develop themselves. Pursue opportunities to solve problems and take action while maintaining the ability to manage work, even in times of challenge or change. Conduct a mature level of critical thinking and deductive reasoning as it relates to root cause analysis of actual or suspected security incidents and recommended corrective actions. Provide and/or contribute to the development of ad-hoc information security reports to be shared with the Information Security Working Group and other executive leadership, as required. Education & Experience Minimum of 4+ years of direct experience in Cyber Security, SOC operations, Incident Response, and Security tool integration & operations is required. 4+ years direct experience with Splunk, Fidelis, Falcon Host, Firewall and IDS/IPS technologies preferred. 3-5+ cumulative years prior experience in any of the following positions: system administrator, application developer, database administrator, LAN administrator. Associate or Bachelor’s degree of Science in computer science, information systems, engineering, or programming. Industry recognized certifications such as GSEC, GCIA, CEH. CISCO highly desired. Intermediate scripting knowledge in Perl, PHP, ASP or Java with recent and basic programming experience. Minimum of 2 years of experience in a compliance-oriented industry is preferred. Advanced understanding and demonstrated technical skills and abilities in the technical information security operations domain. Ability to conduct analysis of multiple data sources and provide assessment on the relationship between threats, vulnerability, and information value in the context of risk management for the company. Bi-lingual/Multi-lingual candidates preferred: English (required) Spanish (good to have). Solid understanding of risk-based decision-making (i.e., risk analysis, mitigation, resolution). #J-18808-Ljbffr