Information Security Analyst

What you’ll do & how you’ll make your mark.

Identifies and ensures mitigation of information security risks within the organization
Evaluates projects to ensure proper security requirements and actively with corporate-wide information security project planning and documentation of divisional and corporate projects
Assists with internal and external IT audits. Support processes for identification, collection and review of relevant data and assist with defining control recommendations that are both efficient and effective.
Reviews requests for adherence to security policies, assuring requests are executed correctly
Identifies security incidents and responds to ensure risk is contained
Maintains integrity of security controls based on toolsets as well as support their updates and use
Develops and analyzes security reports and reports security incidents to compliance staff and department leadership
Monitors audit system to find security violations, vulnerabilities, and abnormalities
Develops and maintains security control framework, which includes security policies, standards, practices, and guidelines
Assists incident handling for the Cyber Incident Response Team (CIRT). Completes corrective action plans, resolves audit findings and security issues, ensuring problems are resolved in an effective and timely manner.

Who you are & what you’ll need to succeed.

Understanding of controls (e.g. access control, auditing, authentication, encryption, integrity, physical security, and application security)
Must be well versed in operating systems such as Linux as well as Windows environments, Active Directory, encryption schemas and algorithms, various authorization and authentication mechanisms/software, network monitoring and sniffing, TCP/IP networks, Threat and vulnerability management
Experience with vulnerability scanners, vulnerability management systems, patch management and host-based security systems
Knowledge of networking and the common network protocols
Demonstrated ability to create scripts to automate processes in PowerShell, Python or Bash
Demonstrated ability to perform static and dynamic malware analysis
Demonstrated ability to analyze large data sets and identify anomalies
Demonstrated ability to quickly create and deploy countermeasures under pressure
Familiarity with common infrastructure systems that can be used as enforcement points
Building Effective Relationships: Develop and use collaborative relationships to facilitate the accomplishment of work goals
Project Management skill is a plus
Experience working with cloud technologies (AWS, Azure, SaaS, etc.) is highly desired.