IT Security Analyst

The IT Security Analyst is expected to be fully aware of the company s security framework and roadmap goals as established by its stated policies, procedures, and guidelines and to actively work towards upholding those goals.

Responsibilities

• Participate in the planning and design of corporate security architecture
• Demonstrate foresight in recognizing potential or existing security issues, vulnerabilities, and threats and work with cross-functional teams to implement remediation
• Recommend additional security solutions or enhancements to current security solutions to improve overall enterprise security
• Perform the deployment, integration, and initial configuration of all new security solutions and any enhancements to existing security solutions following standard best operating procedures generically and the enterprise s security documents specifically
• Participate in the creation of corporate security documents (policies, standards, baselines, guidelines, and procedures)
• Participate in the planning and design of the corporate Business Continuity Plan and Disaster Recovery Plan
• Stay up-to-date on the latest security intelligence, including hackers methodologies, in order to anticipate security breaches
• Maintain up-to-date baselines for the secure configuration and operations of all in-place devices, whether they are under direct control (i.e., security tools) or not (i.e., workstations, servers, network devices, etc.)
• Tune security events and correlation from applicable security products and sources
• Perform network traffic analysis, host behavior analysis, PC forensics, kill chain, windows event analysis, etc. to effectively detect and protect company assets
• Produce a monthly security operations dashboard with key performance indicators (incidents, metrics, security threats, intelligence, etc.)

Requirements

• Bachelor s degree in Information Technology or Information Security or substantial work experience required
• Must have 3 years of hands-on working knowledge of various security technologies (PAN or Cisco Firewalls and VPN, NAC, Endpoint Protection Platforms, File Integrity Management, IPS/IDS, Application Firewalls, Vulnerability Scanner, Web Proxy, Content Filtering, MFA, SIEM Logging & Monitoring, and DLP)
• 3 years of hands-on experience in incident management with critical incident and security event response
• Good working experience implementing network and host security policies
• Good working knowledge of cloud and email infrastructure security
• Ability to work and lead on multiple projects simultaneously
• Strong understanding of IP, TCP/IP, and other network administration protocols
• Excellent interpersonal skills and ability to communicate on all levels with management and all end-users