Security Analyst I
The Security Analyst I will work with key Infrastructure stakeholders and be responsible for the identification, design, development and management of Security initiatives as they relate to the company’s Security platform. Must be able to demonstrate a clear understanding of Industry Accepted Security Standards, Protocols and all related technologies.
ESSENTIAL DUTIES AND RESPONSIBILITIES:
• Plan, implement and upgrade security measures and controls
• Protect digital files and information systems against unauthorized access, modification or destruction
• Maintain data and monitor security access
• Reviews logs and events and investigate any anomalies
• Define, implement and maintain corporate security policies
• Develop company-wide best practices for processes in respect to information security
• Develop and execute security awareness training starting at onboarding to continuous training
• Educates employees about the proper way to handle possible compromised systems
• Stays abreast of developments in Information Security, as well as those in Information Technology industry specifically as they relate to security
• Maintains proper documentation for all security products
• Conduct internal and external security audits
• Analyze security breaches to determine their root cause
• Coordinate security plans with outside vendors
• Monitor computer networks for security issues.
• Investigate security breaches and other cyber security incidents.
• Install security measures and operate software to protect systems and information infrastructure, including firewalls and data encryption programs.
• Document security breaches and assess the damage they cause.
• Work with security team to perform tests and uncover network vulnerabilities.
• Research security enhancements and make recommendations to management.
OTHER DUTIES AND RESPONSIBILITIES:
• Business analysis, systems design and project management for medium and large application development projects.
• Understand concepts of software development life cycle.
• Project management experience and methodology.
MINIMUM QUALIFICATIONS: (To perform this job successfully, an individual must be able to perform each essential duty satisfactorily. The requirements listed below are representative of the minimum knowledge, skill, and/or ability required. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.)
Education Bachelor Degree in Computer Science or related degree is required
Experience Minimum 2 years of experience working in the Internet Security space as well as operational experience in Security related activities
• Experience in information technology or security desired
• Experience with computer network penetration testing and techniques.
• Strong organizational, project management and process analysis skills
• Ability to effectively work and interact with customers and team members
• Ability to effectively manage multiple assignments and priorities
• Ability to effectively communicate both orally and in writing.
• Understand concepts of software development lifecycle, firewalls, proxies, SIEM, antivirus, and IDS/IPS concepts.
• Ability to identify and mitigate network vulnerabilities and explain how to avoid them.
• Understanding of patch management with the ability to deploy patches in a timely manner while understanding business impact.
• Strong in-depth technical knowledge in information security with emphasis on anti-virus, DLP, NAC or MDM
• Experience in tools including Snort, Wireshark, FireEye or SIEM applications (Splunk, LogRhythm, BMC TrueSight Data Analytics) preferred
Certifications or Licenses • Currently hold or working to obtain one or more security certifications, including:
o (ISC)² Certified Information Systems Security Professional (CISSP)
o SANS GIAC Certified Intrusion Analyst (GCIA)
o SANS GIAC Certified Incident Handler (GCIH)
o EC-Council C|EH – Certified Ethical Hacker (CEH)
o CompTIA Security+
Special Knowledge, Skills & Abilities
Reasoning Ability: Ability to apply common sense understanding to carry out instructions furnished in written, oral, or diagram form. Ability to deal with problems involving several concrete variables in standardized situations.
Communication Skills: Excellent verbal and written communication skills. Ability to read, analyze and interpret general business periodicals, professional journals, technical procedures, or governmental regulations. Ability to write reports, business correspondence, and procedure manuals. Ability to effectively present information and respond to questions from groups of employees, managers, vendors, customers, and/or the general public.
Other: Ability to prioritize and complete multiple tasks; detail-oriented; teamwork skills.
PHYSICAL DEMANDS: (The physical demands and work environment described here are representative of those that must be met by an employee to successfully perform the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.)
• Long periods of time sitting at a desk (daily).
• Manual dexterity to type on computer keyboard and operate general office equipment, such as phone, fax/copier/scanner.
• Must be able to speak and hear adequately.
• Clear vision at close distances.
WORK ENVIRONMENT: (The physical demands and work environment described here are representative of those that must be met by an employee to successfully perform the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.)
Office environment (closed climate).