Enterprise Security Analyst I

Pekin Insurance Careers•Pekin, IL

7d•Hybrid

About The Position

The Enterprise Security Analyst I is an entry-level role that supports the protection of organizational systems and data by maintaining the integrity, confidentiality, and availability of information. This position monitors and analyzes security events across multiple technologies, assists in identifying potential threats, supports incident response activities, and helps ensure the consistent and timely handling of security events in alignment with established procedures. The role also provides input to management on the effectiveness of network and data security controls.

Requirements

Bachelor’s degree in Cybersecurity, Computer Science, Information Systems, or related field required.
Typically requires 1-3 years of experience in related field. Past experience would be considered.
Certifications related to cyber security: Security+, GSEC.
Basic ability to communicate effectively in both oral and written form.
Basic ability to troubleshoot.
The ability to work on a team or individually as needed.
Analytical and problem-solving abilities.
Strong attention to detail.
Work as a team member and follow directions.
Analyze, organize, and prioritize work while meeting multiple deadlines.
Work comfortably in a fast-paced work environment.
Solve practical problems and deal with a variety of concrete variables in situations where only limited standardization exists.
Basic knowledge of troubleshooting and familiarity with Windows/Linux/Unix operating systems, log analysis, and correlation.
Basic knowledge of compliance standards and security frameworks (COBIT, NIST, HIPAA, ISO27001/2, OWASP, PCI).
Basic knowledge of networking communication protocols used within information security technology solutions.
Basic knowledge of network and host level security technologies and products such as IDS and vulnerability scanners.
Basic knowledge of security regulations and security requirements that impact the insurance industry (GLBA, HIPAA, PCI).
Applicants must be authorized to work in the U.S. without sponsorship now or in the future.

Responsibilities

Monitoring and triaging security alerts, performing basic investigations, following established playbooks to take initial response actions, documenting findings clearly, and escalating potential threats in a timely manner to ensure incidents are handled efficiently and within defined SLAs.
Assisting with user and service account access reviews (especially privileged access) including tracking and following up on password rotation requirements to ensure compliance.
Reviewing and processing whitelist requests in accordance with established security policies and playbooks.
Supporting phishing awareness efforts by analyzing reported emails and helping identify trends.
Performing basic log reviews and data validation across security tools.
Helping maintain and update runbooks/playbooks as processes evolve.
Participating in incident post-mortems to understand what happened and how to improve.
Tracking and reporting on recurring alerts or false positives for tuning opportunities.
Ensuring tickets and alerts are properly categorized and closed for audit readiness.
Supporting audit and compliance requests by gathering evidence when needed.
Collaborating with IT teams for containment and remediation actions.
Staying up to date on threat trends and internal security policies.
Performing other duties as assigned.