Cyber Security Analyst InfoSec Defensive Forensics

With a focus on Mobility, Operational Excellence, Value to our Customers and the Electrification of vehicles, you can expect to be part of something exciting. From the sleek design of our vehicles to the unique opportunities we offer around the globe, Nissan exemplifies ingenuity in everything we do. Our people are what drive the business forward.

We’re currently looking for a Cyber Security Analyst (Remote) join our InfoSec Defensive Forensics and Investigations team in Mexico City, MX. An information security forensic analyst is a highly technical member of the information security team. Successful candidates in this role will conduct forensic examinations through collection, processing, analysis and preservation of digital data. Analysts are typically subject matter experts and may, at times, work with oversight from information security leadership and with nontechnical areas of the business such as legal, human resources and law enforcement. Clear, concise communication to explain technical topics capable of being understood by business leaders is required.

In this role, analysts will examine digital data and events from computer memory and storage (Windows, Linux, and macOS), mobile phones, electronic communication, malware and data transmission throughout the entire business. Analysts will assist other members of the information security team such as incident responders, security operations center (SOC) staff, threat hunters, and host and network engineering colleagues.

As a trusted member of the cybersecurity team and industry community, the analyst works closely with internal technical teams, business units and external entities aligned with the business, including private intelligence-sharing groups, law enforcement, government agencies and public affiliation peers.

The Cyber Security Analyst is responsible for conducting in-depth research, documenting threats, understanding the risk to the business, and sharing information with those who need to know. Among the research conducted, the analyst will seek to uncover patterns and trends and be forward-thinking as to how threats may evolve. Furthermore, the analyst will participate in simulation exercises designed to uncover weaknesses related to threats, with the goal of implementing defensive solutions prior to attacks and disrupting attacks in progress. The analyst will also distill threat intelligence so technical and non-technical contacts can understand it and make educated decisions about next-step actions. The Cyber Security Analyst works in tandem with Manager and Sr. Manager to elevate the company’s security posture.

Job Duties:

· Conduct forensic examinations that include collection, preservation and analysis of data and systems.

· Document case notes and communicate analysis from initial investigation through closure and post-mortem.

· Assist and support other forensic team members, incident responders and technical colleagues.

· Maintain collection, storage and preservation of evidence following strict control and chain of custody.

· Support investigations to help incident responders identify and contain incidents.

· Develop relationships with engineering, IT, incident response, SOC and software engineering team members.

· Conduct investigations including, but not limited to, end-user hosts, servers, network infrastructure, mobile devices, peripherals and application systems.

· Improve reverse engineering skill set with malware analysis and obfuscated code.

· Identify strengths and weaknesses in the program for team members to improve skills and knowledgebase.

· Participate in briefings from internal forensics, as well as from hired consultants, presented to technical and business leadership.

· Maintain a lab and professional accountability to train, work with new solutions, and retain knowledge and abilities with existing solutions.

· Analyze systems and data sources for accidental, malicious and unauthorized activities.

· Provide analysis results to management and technical team members as needed.

· Under management supervision and direction, communicate with legal, external firms and law enforcement.

· Openly support the organization, the management team and executive leadership team, even during times of adversity.

· Perform other duties as assigned.

Skills and Experience:

· Preferably 2 – 5+ years’ experience in cybersecurity system engineering and a minimum two years' forensics experience.

· Demonstrated knowledge of forensic tools including, but not limited to, Forensic Case Notes, Access Data Forensic Toolkit, Magnet Axiom, EnCase, X-Ways, and Sift.

· Administration with network and host configurations, endpoint detection response configurations, application security, encryption and cloud services.

· Understand attacker tactics, techniques and procedures to aid in discovery and analysis.

· Demonstrated ability to perform malware analysis, reverse engineering and examine obfuscated code.

· Experience with log and data aggregation systems.

· Proficient use of scripting with one or more programming language including Python, PowerShell, JavaScript and Bash.

· Track record of acting with integrity, taking pride in work, seeking to excel, and being curious and flexible.

· Strong written and oral communication skills across varying levels of the organization.

· Clear understanding of evidence preservation and chain of custody.

· Excellent judgment and the ability to make quick decisions when working with complex situations.

· High degree of integrity, trustworthiness and confidence; represents the company and its management team with the highest level of professionalism.

Education

· Bachelor's degree in a related discipline or equivalent work experience.

Professional security certifications preferred

· Has one or more of security certifications including GCFE, GREM, GCIH, EnCE, CISSP.

Frameworks

· Working knowledge/experience with network systems, security principles, applications and risk and compliance initiatives such as Gramm-Leach Bliley Act (GLBA), Payment Card Industry (PCI), Health Information Portability and Accountability Ace (HIPAA), Sarbanes-Oxley Act (SOX) and the General Data Protection Regulation (GDPR).

Welcome to an open lane of possibility. Drive your career forward and join the company leading the technology and business evolution of the automotive industry by applying today.

Nissan is committed to a drug-free workplace. All employment is contingent upon successful completion of a drug screen for roles based in the United States and background screening for all positions.

All of us at Nissan – regardless of functional area or expertise – share a passion to design, manufacture, and sell high-performance vehicles. It is Nissan’s policy to provide Equal Employment Opportunity (EEO) to all persons regardless of race, gender, military status, disability, or any other status protected by law. Candidates for this position must be legally authorized to work in the United States and will be required to provide proof of employment eligibility at the time of hire; Nissan uses E-Verify to validate employment eligibility. **Visa sponsorship for this position is not available at this time. **