The Cybersecurity Specialist will implement, maintain, operate, and audit Information Security systems and relevant aspects of IT systems and networks. The cybersecurity analyst will work in conjunction with IT resources and other Information Security personnel to carry out day-to-day tasks associated with the company’s Information Security program.
Responsibilities:
Being highly knowledgeable about the cybersecurity threat-scape and keeping up to date with the security industry
Understand and evaluate security threats on those threats to your organization and perform a risk analysis of threats
Independently manage, oversee, and implement security systems and application
Monitor for and investigate alerts of possible breaches and other security incidents that may occur with leading EDR/MDR tools
Manage assessment and remediation of software and hardware vulnerabilities, and track progress over time
Document incidents and generate reports for team members and key staff
Work with the security team to help develop security policies and implement them
Make recommendations about the best tools for any given security issue (this may include evaluation of products)
Work with IT team members to augment their role and advise on cybersecurity issues
Monitor and audit systems/processes such as identity and access management.
Help maintain and deploy cybersecurity hardware and solutions (firewalls, network access control, vulnerability scanning, endpoint protection)
Act as first responder to security incidents and participate in a after-hours monitoring rotation with other InfoSec personnel
Help deliver cybersecurity awareness training
Comply with privacy policies and procedures to maintain customer confidentiality and information protection
Comply with all federal, state, and local regulatory rules and regulations governing financial institutions, as well as all company policies and procedures
Complete and pass all required regulatory compliance training as assigned
Serve on an after-hours on-call rotation to monitor and respond to security events
Perform any additional duties and tasks assigned by management
Relevant skills:
Have a deep interest in computing and cybersecurity
Problem-solving capabilities
Highly knowledgeable about computers, including networks, operating systems, applications and web apps
Practical knowledge of penetration testing and network scanning
Practical understanding of the application and use of a variety of security tools, e.g., firewalls, VPNs, SIEM, endpoint protection, IDS/IPS, CASB,
Practical experience in securing cloud systems and environments, e.g., SaaS, IaaS, PaaS.
Experience with programming and scripting and their use in task automation is preferred
Experience retrieving information and generating reports using SQL and Regex based queries is preferred
Ability to perform basic cyber forensics, malware analysis, and threat hunting tasks using industry standard tools
Understanding of the application of human-centered security such as security awareness training
Ability to work and communicate in a fast-paced dynamic team environment and contribute new ideas and skills to IT tasks and projects
Excellent interpersonal, verbal and written communication skills
Exceptional analytical skills and a desire to delve into complex problems
Minimum Qualifications:
Four Year College degree with focus in cybersecurity or equivalent experience
Two years previous information systems experience in I.T. environment
2 year(s): Two years previous information systems experience in I.T. environment
Education
Required
Bachelors or better
Equal Opportunity Employer/Protected Veterans/Individuals with Disabilities
The contractor will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. However, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of other employees or applicants to individuals who do not otherwise have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by the employer, or (c) consistent with the contractor’s legal duty to furnish information. 41 CFR 60-1.35(c)