CYBER/INFORMATION SECURITY ANALYST

About The Position

Requirements

• Bachelor's degree in Computer Science, Information Security, or a related field or recent technology experience related to networking and cybersecurity.
• Minimum of five (5) years of progressive experience in cybersecurity, with a focus on threat hunting, incident response, and network security.
• Advanced knowledge of cybersecurity principles, frameworks, and best practices.
• Expertise in threat-hunting methodologies, techniques, and tools (e.g., SIEM, EDR, threat intelligence platforms).
• Strong understanding of network security principles, protocols, and technologies.
• Proficiency in vulnerability management, penetration testing, and security assessment tools.
• Knowledge of relevant security regulations and standards (e.g., NIST, ISO 27001, GDPR).
• Excellent analytical, problem-solving, and critical thinking skills.
• Strong communication and interpersonal skills.
• Ability to work independently and as part of a team.

Nice To Haves

• Relevant industry certifications such as CISSP, CISM, CEH, or CompTIA Security+ are highly desirable
• Experience with cloud security (AWS, Azure, GCP)
• Scripting experience (Python, PowerShell, etc.) is a plus.

Responsibilities

• Identify, analyze, and mitigate security risks and threats.
• Conduct advanced threat hunting to identify and neutralize sophisticated threats using SIEM, EDR, and other tools.
• Perform vulnerability assessments and penetration testing to remediate security weaknesses.
• Design and maintain secure network architectures, including firewalls, IDS/IPS, and VPNs.
• Apply strong networking knowledge (TCP/IP, routing, switching) to enhance security.
• Manage and maintain an up-to-date inventory of all devices, including servers, workstations, and related network devices, ensuring assets are secure and compliant.
• Designs security policies, programs, or practices to ensure adequate security relating to asset protection, alarm response, access card use, and other security needs.
• Coordinate meetings with stakeholders and vendors to discuss security strategies, review audits, and plan security reviews and improvements.
• Develop and maintain security policies and procedures, to ensure a secure and resilient IT infrastructure.
• Develop and lead security awareness training initiatives for employees, emphasizing the importance of security best practices and how to recognize and prevent potential threats.
• Participate in the planning and executing disaster recovery and business continuity plans, ensuring the availability and integrity of systems in the event of a cyber incident.