Posted in Other 30+ days ago.
Type: Full Time
The Information Security Analyst is responsible for understanding and planning for risks to the security of information or data, safeguarding information system assets by proactively identifying, mitigating and solving potential security concerns, as well as triaging actual security concerns. This position works with associates and management at all levels to support business strategies, goals, objectives, and security initiatives.
Job Responsibilities:
- Maintains and enhances the vulnerability testing and remediation process.
- Validates alerts generated through security testing and monitoring tools.
- Works with business and technical teams to review vulnerabilities, plan remediation strategy and track items to closure.
- Administers Data Security Awareness program to educate all staff on best practices for security information.
- Performs follow up on security-related findings presented by internal auditors, system scans, vulnerability assessments, etc.
- Participates in incident triage, analysis, response, and remediation for computer network intrusions.
- Monitors and analyzes industry and vendor vulnerability alerts.
- Stays current on data security innovations through education, training, user groups, research and development, etc.
- Supports periodic network and application security penetration testing activities, including scheduling, resources, tool execution, and reporting.
- Recommends and drives capability and functionality improvements in critical security tools and their associated processes.
- Participates in technical projects as a resource to ensure data security policies and procedures are being included.
- Upgrades system by implementing and maintaining security controls.
- Coordinates, documents, and reports on internal investigations of security violations.
- Support and lead assessment engagements
- Architect, design, and consult on the installation, configuration, and support of security-related solutions including, but not limited to network devices, firewalls, routers, servers, SIEM solutions, and other security products
- Possess a broad knowledge of data sources, data flow, system interactions, network/computer equipment, security systems, and software applications in the development, enhancement, and implementation of medium- to large-scale systems
- Write and present summary and detailed assessment reports
- Perform Cybersecurity Vulnerability Assessments and Penetration Testing
- Research and recommend solutions for specific requirements as defined by internal and external client requirements
- Maintain current and relevant security designations
- Report to team leads with work progress regularly as required
- Keep customer tickets up to date and provide detailed documentation to required parties
- Participate in all required activities as scheduled by leadership
- Maintain internal and external customer/client/stakeholder relationships and assist the sales team in identifying prospects and client opportunities
- May perform other duties as required.
3268
Headquarters Office
- Bachelor's degree from four-year college or university and a minimum of 2 years related experience and/or training required; or equivalent combination of education and experience.
- Experience with specific systems such as Windows server, Linux, firewalls / network devices, security systems and tools (Vulnerability Assessment, Security Incident and Event Management (SIEM), Web filtering, Internet inspection, etc.)
- Ability to read, analyze, and interpret common scientific and technical journals. Ability to respond to common inquiries or complaints.
- Ability to define problems, collect data, establish facts, and draw valid conclusions.
- Ability to interpret an extensive variety of technical instructions in mathematical or diagram form and deal with several abstract and concrete variables.
- Uses intuition and experience to complement data.
- Strong verbal and written communication skills.
- Effective decision-making and judgement abilities are very important to carry out the daily tasks that are required of an Information Security Analyst.
- Must be thoroughly versed in security rules, regulations, and standards, including, but not limited to, PCI, NIST, PHI, Sarbanes-Oxley; must be informed in a wide variety of different areas, including electronics/computer science, telecommunications, engineering technology, public safety, etc.
- Knowledge of business and management principles involved in strategic planning, resource allocation, human resources modeling, leadership technique, production methods, and coordination of people and resources.
- Ability to use logic and reasoning to identify the strengths and weaknesses of alternative solutions, conclusions or approaches to problems.
- Strong problem-solving skills; ability to identify complex problems and review related information to develop and evaluate options and implement solutions.
- Basic knowledge of electronic equipment, and computer hardware and software, including applications and programming.
- Knowledge of transmission, broadcasting, switching, control, and operation of telecommunications systems.
- Ability to identify measures or indicators of system performance and take actions needed to improve or correct performance, relative to the goals of the system.
- CISSP (Certified Information Systems Security Professional) or equivalent experience
- Ability to assess security vulnerabilities using frameworks such as HIPAA, PCI-DSS, ISO
- Familiarity with cybersecurity industry regulations
- Show consistent ability to develop and maintain documentation
- Show consistent ability to work on multiple, moderate to high complex assignments simultaneously
- Show propensity to present at the executive level and be able to lead and drive decision making
- Show the ability to function at the level of a Chief Information Security Officer
- Experience in Incident Response or forensics
- Ability to work under minimal supervision and report to team lead as required
- Effectively communicate within the team and among other teams
- Provide superior customer service at all times
- Travel is minimal, but occasionally required
Equal Opportunity Employer/Vets/Disabled.
|
Top Quality Recruitment (TQR) |
|
Celgard, LLC |
|
Ollie's Bargain Outlet, Inc. |