Job
Description
IT Security Analyst We are seeking a highly skilled and detail-oriented IT Security Analyst to safeguard our organization's IT infrastructure, networks, and data from cyber threats. The ideal candidate will be responsible for security monitoring, risk assessment, incident response, and ensuring compliance with industry best practices and regulatory requirements. Key Responsibilities: 1. Security Monitoring & Threat Detection: Continuously monitor networks, systems, and applications for security breaches and suspicious activity. Utilize SIEM (Security Information and Event Management) tools to analyze logs and alerts. Respond promptly to and investigate security incidents. 2. Incident Response & Mitigation: Conduct forensic analysis and root cause investigation of security incidents. Develop and implement incident response plans to mitigate threats effectively. Collaborate with IT teams to remediate vulnerabilities and enhance security resilience. 3. Vulnerability Management & Risk Assessment: Perform regular security audits and vulnerability scans to identify potential threats. Assess risks and recommend security controls for enhanced protection. Ensure compliance with established security frameworks (e.g., NIST, ISO 27001, CIS). 4. Access Control & Identity Management: Manage user access, authentication, and authorization controls. Implement security best practices for Identity and Access Management (IAM). Enforce Multi-Factor Authentication (MFA) and least privilege access policies. 5. Security Policy & Compliance: Develop, update, and enforce security policies, procedures, and guidelines. Ensure compliance with industry regulations such as GDPR, HIPAA, PCI-DSS, SOC 2. Conduct security awareness training for employees. 6. Security Tools & Technologies: Configure and manage firewalls, IDS/IPS, endpoint protection, and encryption tools. Evaluate, recommend, and implement security solutions to improve the security posture. 7. Collaboration & Reporting: Work closely with IT, DevOps, and compliance teams to reinforce security strategies. Prepare detailed security reports for management and stakeholders. Required Qualifications: Bachelors degree in Cybersecurity, Computer Science, or an IT-related field. Minimum 3 years of experience in IT security, cybersecurity, or a related field. Strong understanding of network security, cloud security, and encryption technologies. Hands-on experience with firewalls, SIEM, IDS/IPS, EDR, and vulnerability scanners. Familiarity with security frameworks such as NIST, ISO 27001, CIS, MITRE ATT&CK. Preferred Certifications: CEH, CompTIA Security+, CISSP, CISM, CISA. Key Skills: Cybersecurity best practices Threat analysis & incident response Risk assessment & compliance SIEM, IDS/IPS, firewalls, EDR Identity & access management (IAM) Cloud security (AWS, Azure, GCP) Security policy development
