Cyber Security Analyst

About the position

We have an exciting opportunity at our Mesa, AZ facility for a Cyber Security Analyst! The successful candidate will be responsible for assisting with the day-to-day operations of securing our various information systems. Reporting to the IT Infra/Security Manager, the CSA is tasked with providing technical expertise in all areas of network, system, and application security.

Responsibilities

• Monitor network traffic and system logs for signs of security breaches or suspicious activities
• Investigate and analyze incidents to determine the root cause, extent of damage, and potential impact
• Develop and maintain incident response plans, including communication protocols, escalation procedures, and containment strategies
• Respond to and contain cyber incidents in a timely manner to minimize damage and disruption to the organization's operations
• Coordinate with relevant internal teams to ensure prompt resolution of security incidents and implementation of security controls to mitigate future risks
• Conduct forensic analysis of systems, networks, and digital evidence to gather intelligence and identify potential threats or vulnerabilities
• Prepare detailed incident reports, including analysis of incident response activities, lessons learned, and recommendations for improvement
• Stay up-to-date with the latest cyber threats, attack techniques, and industry best practices, and make proactive recommendations to enhance security posture
• Collaborate with external partners, such as law enforcement agencies or incident response service providers, as needed, to investigate and mitigate cyber incidents
• Conduct security awareness training and provide guidance to employees to promote a culture of security and vigilance within the organization
• Provides technical expertise regarding security-related concepts to operational teams within the Information Technology Department and the business.
• Monitor online security-related resources for new and emerging cyber threats.
• Assesses new security technologies to determine potential value for the enterprise.
• Conducts vulnerability assessments of firm systems and networks.
• Manage systems owned by the Information Security Team.

Requirements

• A four-year college degree in Computer Science or related degree is required
• Three to five years of experience in a security analyst or related position.
• Technical knowledge of enterprise-class technologies such as firewalls, routers, switches, wireless access points, VPNs, and desktop and server operating systems.
• Thorough understanding of Microsoft's enterprise technology platform, including Azure, Active Directory, SQL, Office365, and the Windows server and desktop operating systems.
• Proficiency with Windows PowerShell.
• Working experience with the following technology vendors and products: Splunk Cloud, Crowdstrike, Rapid7 Nexpose.
• Strong writing skills, as well as the ability to articulate security-related concepts to a broad range of technical and non-technical staff.
• Working experience with creating, implementing, and managing a threat hunting program within a corporate environment.
• Demonstrated experience implementing and/or enforcing security and compliance frameworks such as NIST, Cobit, and ISO.
• Be a proficient problem-solver that can work autonomously.

Nice-to-haves

• One or more of the following certifications: CEH, CISM, CompTIA Security+, CISSP, GSEC
• Experience with managing and securing both on-premises and hosted systems and applications.
• Experience with application and database security.