Cyber Defense Strategy Analyst

Thank you for your interest in a career at Regions. At Regions, we believe associates deserve more than just a job. We believe in offering performance-driven individuals a place where they can build a career --- a place to expect more opportunities. If you are focused on results, dedicated to quality, strength and integrity, and possess the drive to succeed, then we are your employer of choice.

Regions is dedicated to taking appropriate steps to safeguard and protect private and personally identifiable information you submit. The information that you submit will be collected and reviewed by associates, consultants, and vendors of Regions in order to evaluate your qualifications and experience for job opportunities and will not be used for marketing purposes, sold, or shared outside of Regions unless required by law. Such information will be stored in accordance with regulatory requirements and in conjunction with Regions' Retention Schedule for a minimum of three years. You may review, modify, or update your information by visiting and logging into the careers section of the system.

Job Description:

At Regions, the Cyber Security Analyst is responsible for analyzing, identifying, and documenting cybersecurity risks. This role will require a proactive individual with an understanding of core technology and cybersecurity principles along with industry best practices to investigate, remediate and/or escalate for further evaluation.

Primary Responsibilities

• Analyzes and responds to cyber threats within various security tools according to documented procedures and be capable of understanding if deviations from procedures are necessary to gather the required information to respond

• Proactively identifies opportunities for tuning security tools and submit requests to support teams to enhance threat detection accuracy, and works with related teams to see tuning through to completion

• Provides recommendations for updates to policies, standards, and procedures to improve process flows

• Performs threat hunting and participate as a key stakeholder in tabletop exercises on a rotational job-duty basis as needed

• Assists in incident response

• Maintains meticulous records of all work performed, including root cause analysis, indicators of compromise, remediation steps, timeline of events, and impact assessment using clear and concise annotations as needed

• Mentors, reviews, and assists other analysts in their documentation and training

• Maintains an awareness of active global cybersecurity threat trends and proactively provides guidance where gaps may exist around existing detections and procedures

• Supports and collaborates with various cybersecurity teams to document security posture and assess environment for relevant IOCs and gaps as needed

• Participates in and lead various security assessments (i.e. Security Architecture Reviews, Red Team assessments, Purple Team engagements, and formal tabletop exercises) as needed

• Participates in and lead planning and support for cyber security engineering and architecture for new projects as needed

• Provides in-depth guidance on process improvement

• Acts as a coach and mentor to junior analysts

• Leads special projects

• Serves as a subject matter expert (SME) within cybersecurity

This position is exempt from timekeeping requirements under the Fair Labor Standards Act and is not eligible for overtime pay.

Requirements

• High School Diploma or GED and (10) years of related post-secondary education and/or experience in Information Security or Information Technology

• Minimum of two (2) relevant certification in Information Security or the ability to obtain relevant certification within twelve months of start date in this position, such as CompTIA Network+/Security+/CySA+, EC-Council Certified Ethical Hacker (CEH), Cisco CCNA/CCNA-Security, GIAC GSEC, etc.

• Familiarity with regulatory requirements and industry standards such as the Gram Leach Bliley Act (GLBA), Payment Card Industry Data Security Standard (PCI-DSS), National Institute of Standards and Technology (NIST), etc.

• Willingness and availability to work on a pre-determined shift and rotational on call

Preferences

• Minimum of one (1) Intermediate to Advanced Amazon Web Services (AWS) or Azure Architect/Administrator and/or Security specialty certification

• Advanced Incident Response, Cyber Leadership, Penetration Testing certification - GCIH, GSOM, GPEN, CISSP, CISM, OSCP

• Prior working experience in a Security Operations Center (SOC) environment

• Prior experience developing use cases for a Security Operations Center from threat hunting and threat detection engineering to investigation playbook and response procedure development

• Understanding of MITRE ATT&CK Framework and Cyberattack Kill Chain and how these frameworks can be used to identify gaps as well as orient analysts in attack progression

Skills and Competencies

• Ability to be a self-starter with initiative and drive for continuous improvement.

• Ability to be a team-oriented individual who works well with others and places a premium on the group's success

• Advanced understanding of information security principles, controls, and technologies

• Demonstrated strong organizational, research, analytical and problem-solving skills to evaluate situations and respond appropriately

• Excellent writing and verbal communication skills

• Strong familiarity with concepts related to security disciplines such as: malware analysis, computer forensics, cyber incident response, network intrusion detection, network traffic and packet analysis, penetration testing, vulnerability scanning, compliance, audit, or cyber threat intelligence

• Strong investigative and problem-solving skills

Additional Job Description

• Strong understanding of cyber threat landscape, including TTPs (Tactics, Techniques, and Procedures) of threat actors.

• Experience working with threat intelligence platforms and using tactical or strategic intel to determine relevant threats and plans of action.

• Familiarity with MITRE ATT&CK/D3FEND/ATLAS frameworks and threat modeling methodologies.

• Proficiency in analyzing indicators of compromise (IOCs), malware, phishing, and network traffic.

• ability to write technical and executive reports and provide verbal briefing or presentations.

• Experience with SIEM tools (e.g., Splunk, Elastic) and log analysis.

• Familiarity with AI technologies, threats, and risk mitigation.

? This position is intended to be onsite, now or in the near future. Associates will have regular work hours, including full days in the office three or more days a week. The manager will set the work schedule for this position, including in-office expectations. Regions will not provide relocation assistance for this position, and relocation would be at your expense. This position must be within a reasonable driving distance to Birmingham, AL or Charlotte, NC . Exceptions to the geographic location requirement may be made for current Regions associates who work remotely.

Position Type

Full time

Compensation Details

Pay ranges are job specific and are provided as a point-of-market reference for compensation decisions. Other factors which directly impact pay for individual associates include: experience, skills, knowledge, contribution, job location and, most importantly, performance in the job role. As these factors vary by individuals, pay will also vary among individual associates within the same job.

The target information listed below is based on the Metropolitan Statistical Area Market Range for where the position is located and level of the position.

Job Range Target:

Minimum:

$121,316.25 USD

Median:

$159,690.00 USD

Incentive Pay Plans:

Opportunity to participate in the Long Term Incentive Plan.

Benefits Information

Regions offers a benefits package that is flexible, comprehensive and recognizes that "one size does not fit all" for benefits-eligible associates. ( Listed below is a synopsis of the benefits offered by Regions for informational purposes, which is not intended to be a complete summary of plan terms and conditions.

• Paid Vacation/Sick Time

• 401K with Company Match

• Medical, Dental and Vision Benefits

• Disability Benefits

• Health Savings Account

• Flexible Spending Account

• Life Insurance

• Parental Leave

• Employee Assistance Program

• Associate Volunteer Program

Please note, benefits and plans may be changed, amended, or terminated with respect to all or any class of associate at any time. To learn more about Regions' benefits, please click or copy the link below to your browser.

Location Details

Riverchase Operations Center

Location:

Hoover, Alabama

Equal Opportunity Employer/including Disabled/Veterans

Job applications at Regions are accepted electronically through our career site for a minimum of five business days from the date of posting. Job postings for higher-volume positions may remain active for longer than the minimum period due to business need and may be closed at any time thereafter at the discretion of the company.