JOB DESCRIPTION OVERVIEW:
The Security Analyst is a key member of the Information Security team in the Enterprise Information Technology department. The Security Analyst performs two core functions: 1) day-to-day operations of the in-place security systems, and 2) identification, investigation and resolution of security incidents detected by those systems. To achieve the required outcomes, you will need a strong hands-on foundation in security operations as it relates to information security and information technology. Must be willing to maintain and build security knowledge and obtain relevant security certifications. This role is broad in scope and involves interacting with multiple IT and information security disciplines.
ESSENTIAL DUTIES AND RESPONSIBILITIES:
- Leads efforts to manage, monitor, and enhance security controls in support of a comprehensive information security program.
- Monitors various information security systems: access control, endpoint protection, data loss prevention, security information and event management, and threat/vulnerability management.
- Analyzes data from various information security systems and reports findings to management.
- Leads forensics investigations and associated tracking related to information security concerns and incidents. When necessary, facilitates the implementation of relevant incident response plans and emergency procedures.
- Conducts access control reviews, configuration management reviews, vulnerability assessments, penetration tests, and security risk assessments.
- Provides on-call after-hours support roughly one week per month.
QUALIFICATIONS / EXPERIENCE:
- Bachelor's degree in Information Assurance, Information Security, Computer Science, or equivalent demonstrated experience and knowledge
- 2+ years' experience as a Security Analyst or similar
- Desired certifications: GPEN, OSCP, CEH, GCIA, GCIH, or equivalent
- Strong understanding of security controls such as access control, auditing, authentication, encryption, application security and physical security controls
- Must have strong skills in operating systems such as Windows, Linux/Unix, macOS, iOS, and Android.
- Must have experience with multi-system environments and protocols to include but not limited to Active Directory, LDAP, VPN, DNS, TCP/IP, authentication and authorization, and other systems/protocols within an enterprise environment
- Must have experience with security information and event management (SIEM), vulnerability scanners, vulnerability management systems, patch management, and host-based security systems
- Experience with penetration testing, WAF, application testing and security a strong plus
- Ability to communicate well verbally and in writing
- Customer-driven with a willingness to contribute and take ownership of issues and problems
- Ability to multi-task, prioritize, and manage time effectively
- Strong attention to detail
- Excellent interpersonal skills and professional demeanor
- Experience with Incident, Problem and Change management processes in enterprise environments
- Ability to work in a fast-paced environment, interact with staff, peers and customers on a technical & professional level
- Demonstrated ability to work under pressure and deliver to meet SLAs
- Proactive and independent mindset as well as a willingness to share knowledge
- Proficient in Microsoft Office Applications
PHYSICAL / ENVIRONMENTAL DEMANDS:
- Job performed in a well-lighted, modern office setting;
- Occasional lifting/carrying (10 pounds or less);
- Occasional standing/bending/stooping/reaching;
- Moderate stress;
- Prolonged sitting; and
- Prolonged work at a computer/PC.
Cooperative, positive, courteous and professional behavior and conduct is an essential function of every position. All employees must be able to work with others beyond giving and receiving instructions. This includes getting along with co-workers, peers and management without exhibiting behavior extremes. Job functions may require personal leadership skills such as conflict resolution, negotiating, instructing, persuading, speaking with others as well as responding appropriately to job performance feedback from the supervisor. Additionally, the information contained in this job description has been designed to indicate the general nature and level of work performed by employees within this classification. It is not designed to contain or be interpreted as a comprehensive inventory of all duties, responsibilities and qualifications required of employees assigned to this position.