OVERVIEW:

The Company

Common Securitization Solutions (CSS) is seeking an experienced Senior Cyber Security Analyst - Insider Threat to join our team of talented professionals. This is a full-time remote opportunity.

CSS built and operates the largest and most advanced mortgage securitization platform in the world, supporting the Uniform Mortgage-Backed Security (UMBS) of Fannie Mae and Freddie Mac.

Supporting 70% of the mortgage-backed securities in the market, CSS provides best-in-class single-family issuance, bond administration, disclosure, and tax services. We support a broad portfolio of products for our clients with full lifecycle management.

Our market-leading, cloud-based, end-to-end platform executes transactions on an extraordinary scale which has bolstered liquidity in the secondary mortgage market, one of the largest and most important financial markets in the world. Our unique approach to securitization combines the best minds in financial services with the know-how, flexibility, and innovation of leading technologists.

RESPONSIBILITIES :

Job Information

The Senior Cyber Security Analyst (Insider Threat) will provide crucial operational support of the CSOC focusing on Data Loss Prevention (DLP), Insider Threats, Fraud and Financial crimes. This role involves analyzing security incidents, conducting thorough investigations, and responding effectively to emerging threats. The ideal candidate will have experience in cyber threat analysis, security monitoring, insider and financial crime analysis, and working within cloud native environments. Given the nature of this role, a well-qualified candidate must demonstrate comfort and skill in handling sensitive issues, emerging threats, and critical matters. A strong interest in cybersecurity, fraud analysis, insider threat, data loss prevention is essential.

Key Job Functions

Develop, implement, and tune/maintain DLP policies and standard operating procedures.
Collaborate with internal teams to investigate and respond to insider threat incidents/investigations.
Monitor and analyze network traffic, logs, and security/alerts/events to identify potential data loss incidents/investigations.
Investigate unusual/anomalous/suspicious financial transactions, including fraud, money laundering, and any other illicit financial activities.
Provide technical support for security tools and technologies (SIEM, IDS/IPS, etc.).
Identify intrusion activity by leveraging alert data from multiple sensors and systems and determine priority for response.
Leverage threat intelligence e.g. FSISAC, while actively monitoring critical financial services infrastructure.
Perform in-depth analysis in support of network monitoring and incident response operations.
Perform live incident response (reactive and proactive incident management) by identifying and remediating malicious applications and infrastructure components, and support with forensics as needed.
Collaborate with other Information Security and IT team members to develop and implement innovative strategies for monitoring and preventing attacks.
Develop and support appropriate metrics to measure the monitoring program and related process.
Develop, test, and deploy new correlation content and use cases using SIEM filters, rules, data monitors, active lists, and session list.
Develop Standard Operating Procedures (SOPs), job aids, and hands-on training materials.
Conduct research of emerging security threats.

QUALIFICATIONS:

Education

Bachelor's Degree or equivalent required (STEM or IT) or a related discipline.
Relevant fraud, and/or anti-money laundering certification (Certified Fraud Examiner, Certified Anti-Money Laundering Specialist) a plus.

Minimum Experience

Minimum 3 years of related work experience supporting cybersecurity, end user support activity and problem resolution and/or incident tracking.
Preferred 2 years of related work experience supporting Data Loss Prevention, Insider Threat Analysis, and Financial Crimes analysis.
Applicants must be authorized to work in the US without requiring employer sponsorship currently or in the future. CSS does not offer H-1B sponsorship for this position.

Specialized Knowledge & Skills

Understanding of typical employee workflows and ability to identify abnormal user activities
Experience with money laundering or fraud detection and mitigation
Familiarity with financial services industry regulations, major organizations in the space, and best practices for cybersecurity and fraud prevention
Experience with security monitoring tools (i.e. – Log management, e.g. Splunk, Fortinet/FortiAnalyzer, IDS/IPS, SIEM, Windows Defender, etc.) and Incident Response for a cloud-based services environment
Familiarity with latest security vulnerabilities, advisories, incidents, penetration techniques, understanding of attacks, and determination of countermeasures.
Previous experience in a technical security role, such as network security, operating system security, Internet or Web security, Data Loss Prevention (DLP), anti-malware, IDS/IPS, and penetration and vulnerability testing preferred
Knowledge of networking fundamentals such as TCP/IP and basic packet analysis, network engineering, and local and wide area (LAN/WAN) technologies.
Experience with Data loss tools such as Purview preferred.
General knowledge and experience in Windows / Linux Operating Systems, baseline security configurations, audit, forensics, Patch Management for these OSs.
Ability to work in fast paced environment with occasional on-call activities.
Excellent interpersonal skills, presentation skills, and verbal / written communication skills.
Self-starter; adaptable to change; motivated to set personal and program goals and pro-actively track performance against goals and initiatives.
Active in the cybersecurity industry; equipped with external networking relationships to maintain relevant knowledge of best practices, tactics, strategies and technologies.

Pay Range $109,250 to $125,500

CSS’s pay range for this job level is a general guideline only and not a guarantee of compensation or salary. Additional factors considered in extending an offer include (but are not limited to) a candidate’s qualifications, skills, competencies, and experience, as well as internal equity, alignment with market data, applicable bargaining agreement (if any), or other law. CSS offers a competitive total compensation package, which includes a performance bonus, 401k match, healthcare coverage, PTO, and a broad range of other benefits.

Employment

As a condition of employment with Common Securitization Solutions, any successful job applicant will be required to successfully complete a background investigation, which may also include a credit check for positions in some areas of our business.

Common Securitization Solutions is an Equal Opportunity Employer.

##LI-Remote

Senior Cyber Security Analyst - Insider Threat

Offer summary

Qualifications:

Key responsabilities:

Job description

Required profile

Experience

Hard Skills

Other Skills

Cybersecurity Analyst Related jobs

DoD SkillBridge - Cyber Security Analyst Intern

Cybersecurity GRC Analyst - FT - Mexico City

Cyber Security Analyst

Principal Business Analyst, Cybersecurity - Remote

Cyber Analyst, Managed Security