Cybersecurity Analyst

About The Position

Requirements

• Associate’s Degree
• 2 to 5 years of relevant work experience
• Demonstrable knowledge of Microsoft Azure, Defender and Office 365 security controls.
• Knowledge and understanding of relevant legal and regulatory requirements, such as the Gramm-Leach- Bliley Act (the GLB Act or Act), Guidelines for Safeguarding Member Information and Payment Card Industry/Data Security Standard.
• Knowledge of industry frameworks such as NIST and ISO.
• Ability to evaluate the IT controls including, but not limited to, Data Security Standard (PCI DSS), Security and Privacy policies and standards.
• Demonstrable knowledge of cybersecurity risks and application of relevant techniques and tools.
• Strong analytical skills with the ability to parse requirements and relate them to appropriate security controls.
• Experience in vulnerability testing and ability to plan and implement ongoing testing and monitoring programs and knowledge of IT operational infrastructure including business continuity.
• Ability to work with confidential information and volumes of detail; work intuitively and independently, audit, analyze, organize tasks and projects.
• Ability to interact with personnel at all levels and across all business units and organizations, and to comprehend complex business initiatives.
• Working knowledge of system tools for monitoring trends related to security event management, vulnerability assessment, and intrusion detection to include Cloud offerings.

Nice To Haves

• Staying current with advancements in artificial intelligence (AI)
• Staying current with the constantly evolving landscape of AI-driven cyber threats

Responsibilities

• Manages miscellaneous documentation, requests processing, training (new hire, employee awareness), and other projects as assigned.
• Supports the development, implementation, monitoring, and maintenance of security policies, procedures, standards, and guidelines.
• Assists with maintaining and documenting security testing, including reporting results and remediation.
• Researches and investigates emerging risk topics, threats, vulnerabilities, capabilities, and solution options to create/update policy and governance, technology strategies, solution architecture, and assessments.
• Supports incident management/response across the enterprise and provides consistent security monitoring, response, follow-up investigation, and determination of root cause. Evaluate security alerts generated by internal systems, vendors, and other industry sources.
• Supports the user access review process and other monitoring aspects of identity and access management.
• Works with IT control owners in creating documentation, interpretation and monitoring of IT general controls.
• Interacts with third-party managed security service providers as required to facilitate ongoing system testing and monitoring.
• Reviews active threat intelligence and other sources and suggest enhancements to security posture.
• Works with internal and external auditors during examinations providing support and assistance in addressing audit recommendations.

Benefits

• medical
• dental
• vision
• retirement benefits
• paid time off
• other employee programs that support well-being and growth
• Annual Incentive Plan (AIP)