As the Security Analyst, you will be responsible for ensuring the organization is effectively designing, developing, and implementing security compliance controls and solutions. You will engage with stakeholders throughout the organization, and throughout the Product Lifecycle to ensure that standard security practices are followed and implementing risk mitigations where required. The position will work closely with IT Operations, Information Technology, Commercial Software, and Engineering, along with the business to ensure there is a consistent and common approach to implementation of security and compliance management activities.
Responsibilities:
Security Operations and Risk Management
Collaborate with cross-functional teams to implement compliance initiatives and security controls
Ensure security requirements are implemented within various stages of the Software/System/Product lifecycle process
Working with various product management teams from design to build phases
Work closely with teams to Pen Test new features within software, products, infrastructure
Work with teams to validate and address vulnerability and threat findings from analysis partners and tools
Research upcoming IT trends and make security recommendations
Perform security reviews of software/product/infrastructure designs to assist developers in ensuring quality and robustness of our software and products
Engages in Disaster Recovery Planning/Testing to ensure all risks and potential threats have been mitigated
Leads analysis and review of security events conducted throughout the company
Leads exploration of practical security solutions to address emerging threats and compliance requirements, including design and implementation of recommended solutions
Supports ongoing compliance activities and monitoring efforts across applicable Regulations and Standards
Effectively deliver technical security issues to non-technical management
Generally 8am-5pm workdays but some on-call rotation and after-hours work required.
Requirements
Education/Experience:
Typically requires a bachelor's degree (or international equivalent) and 2+ years of relevant experience, or equivalent combined work experience.
Preferred Qualifications:
Bachelor's degree, preferably in Cybersecurity, Computer Science, or equivalent.
2+ years of infrastructure/network security, application security, security assessment
Experience in 2 or more of the following areas – Incident Response, Vulnerability and Patch Management, AD Security, Disaster Recovery, Device/OS Hardening, Forensics, PKI encryption and authentication, Security engineering, Cloud Security, Security Standards – NIST/SOC/ISO27001, SIEM management, Security assessments
Some IT experience - service desk, infrastructure, networking, and/or software development
Professional certifications such as Security+, CASP+, CySA+, GIAC or ISC2 certifications.
Ability to take ownership of your areas and actively improve our security posture
Experience working with outsourced organizations and third-party vendors preferred
Advanced written and verbal communication skills
Strong problem-solving skills
Strong analytical skills and the ability to understand and document complex technical or business process data flow
Travel Requirements: Typically requires overnight travel less than 10% of the time.
Location: Duluth, GA, Tallassee, AL
#HP1
Equal Opportunity Employer/Protected Veterans/Individuals with Disabilities The contractor will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. However, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of other employees or applicants to individuals who do not otherwise have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by the employer, or (c) consistent with the contractor’s legal duty to furnish information. 41 CFR 60-1.35(c)