The Information Security Analyst will be responsible for supporting computer network defense, to include auditing the network for vulnerabilities, identifying relevant threats, recommending corrective actions, developing solutions for security issues, and investigating security incidents and breaches.
Key ResponsibilitiesIdentifies, diagnoses, and resolves network and security problems.
Forensic analysis of network logs and packets to identify compromised systems.
Serves as a team member for projects / programs within a defined area of responsibility and/or on a cross-functional team.
Work with limited supervision and oversees the installation, configuration, and maintenance of Security related information systems.
Prepares status reports on security matters to develop security risk analysis scenarios and response procedures.
Develop and implement a comprehensive plan for regular compliance verification against approved/selected security controls.
System audits and/or security scans of network connected devices, servers, web applications, network printers, file services, database access and applications.
Support security incident response team, as needed, through execution of the communication plan and providing additional support as requested.
Regularly contribute to security and other information technology research to drive continuous improvements to the company's security, risk management and disaster recovery programs.
Facilitate the remediation of any vulnerabilities in websites, production applications or network access points identified by a security scan.
Assist in the coordination of disaster recovery (DR) efforts for the Company including plan development, IS communication plan, site assessments, training, testing and execution.
Help strengthen the security culture across the IS department and the company.
Recommend threat protection security solutions to business problems and analyze security breaches to determine their root cause.
Minimum Job RequirementsProfessional certifications in computer technology, security, risk management or business continuity, preferably CISSP, CEH or CISA.
Solid understanding of core security technologies and various security related infrastructure solutions including Firewalls & VPN, LAN / WAN equipment, Anti-Virus, SIEM experience, Encryption and related services.
Experience using an enterprise level ticketing system.
Working knowledge of NIST 800-61 and CMMC
Research background and an analytical approach, especially with respect to event classification, event correlation, and root cause analysis preferred.
Bachelor's degree in Computer Science, Computer Information Systems, or equivalent work experience.
Excellent organizational and communication skills and someone who is able to work collaboratively in a team environment.
Minimum of 8 years' experience within IT and 5 years' as a Security Analyst, preferably in an environment with strong compliance requirements.
Note: Job Description is subject to change at any time and may include other duties as assigned.
Physical RequirementsMust be able to comply with all safety standards and procedures
Required to use hands to grasp, lift, handle, carry or feel objects on a frequent basis
May stoop, kneel, or bend, on an occasional basis
Will use telephone, computer system, email, and other electronic devices on a frequent basis to communicate with internal and external customers or vendors
Will lift, push or pull objects pounds on an occasional basis
Will interact with people and technology frequently during a shift/work day
Will sit, stand or walk short distances for up to the entire duration of a shift/work day.
Equal Opportunity Employer Statement:
It is the policy of this Company to assure that applicants are employed, and that employees are treated during employment, without regard to their race, religion, sex, color, national origin, age or disability. Such action shall include: employment, upgrading, demotion, or transfer; recruitment or recruitment advertising; layoff or termination; rates of pay or other forms of compensation; and selection for training, including apprenticeship, pre-apprenticeship, and/or on-the-job training.