POSITION SUMMARY: The Information Security Analyst is responsible for operations and administration of the organization’s enterprise security solutions and processes. The Information Security Analyst investigates and responds to enterprise security events and requests.
- Administers and maintains security infrastructure / tool set.
- Gathers and documents security requirements to support enterprise security initiatives.
- Executes established information security management procedures (e.g., threat intelligence, metrics gathering, reporting, investigation) and produces quality deliverables.
- Analyzes security alerts, incidents, and requests; identifies root cause; determines and executes appropriate steps for resolution.
- Escalates security incidents/problems as required and monitors progress towards resolution until the incident/problem is closed/resolved.
- Performs threat hunting using available security tools, indicators, and intelligence.
- Builds, maintains, and manages strong relationships across internal and external teams to resolve problems and deliver information security services.
- Ensures that information security assets are maintained and inventoried.
- Drafts, reviews, and edits operating procedures and reports.
- Performs other job-related duties as assigned or apparent.
- Bachelor’s degree in information security, computer science, information systems, or mathematics.
- Information security certifications such as Global Information Assurance Certification (e.g., GSEC, GCIH, GCED), Systems Security Certified Practitioner (SSCP), Cisco Certified Network Associate (CCNA) Security, Cisco Certified Network Professional (CCNP) Security, Certified Information Systems Security Professional (CISSP), or CompTIA Security.
- Experience with intrusion prevention systems (IPS), vulnerability scanning/management, system hardening, security standards, data loss prevention (DLP) solutions, and endpoint detection and response (EDR).
- Intermediate to advanced proficiency in the use of Microsoft Office products: Word, Excel, PowerPoint, and Visio.
- Prior experience with root cause analysis and security incident response.
- Passion for customer service, problem solving, investigation, and information security.
- Strong analytical abilities and investigation skills.
- Minimum of 2 years of experience in an information security role with progressive experience in operating, troubleshooting, designing, or implementing enterprise security solutions.
- Experience operating at least two of the following: DNS-based protections, email filtering and security, web proxies, anti-virus, threat hunting, or log review/investigation.