Information Security Analyst, Associate

About The Position

Requirements

• Bachelor's degree from four-year college or university (in Information Technology, Computer Science, or a related field preferred) plus 0-2 years of related experience; or equivalent combination of education and experience.
• Experience working in an enterprise architecture, information security, information technology or information risk management related field.
• Experience with technical security controls (e.g. AAA, multi-factor authentication, network or host based firewalls, network or host based intrusion detection/prevention systems, anti-virus, encryption, Virtual Private Networks (VPN), web application firewalls, configuration management, host hardening, continuous monitoring, incident response, or data loss prevention administration) within an organization or in a consulting capacity.
• Experience conducting security and IT control audits assessments.
• Experience working with vulnerability scanners.
• Experience working with penetration testing tools (Metasploit, Nmap, and Burp Suite)
• Must demonstrate understanding of infrastructure and application security requirements and architecture.
• Demonstrated experience with security architecture solutions for large, critical systems and an understanding of Information Security standards, frameworks/methodologies, and best practice (NIST, ISO 2700x, CIS, ITIL, CoBIT, OCTAVE, GLBA).
• Understanding of host security architecture best practices.
• Understanding of network security architecture best practices.
• Ability to work well under pressure and to meet tight deadlines.
• Demonstrate a high level of motivation, confidence, integrity, and responsibility.
• Possess excellent written and verbal communication skills, presentation, and problem-solving skills and be able to interact well with peers and internal customers.
• To facilitate working from home, and as a requirement for this role, candidates must provide their own reliable, high speed internet access with sufficient bandwidth to execute all job functions.

Nice To Haves

• Prefer one or more of the following active certifications: CISSP, CISM, CISA, CEH, CompTia Security+, GCIA, GPEN or GSEC.

Responsibilities

• Participate in the monitoring of defense in-depth security measures, Data Loss Prevention (DLP), digital forensics, vulnerability assessments, penetration tests, hardware and software remediation strategies, malware prevention, security audits and remediation activities. Will also assist with the handling of security incident responses.
• Actively participate in the monitoring and administration of all information security requests to ensure they receive proper verification, validation, and authorization prior to being approved.
• Maintain up-to-date detailed knowledge of the Information security industry including awareness of new or revised security solutions, improved security processes and the development of new attacks and threat vectors.
• Provide support for security activities in the software/system development life cycle (SDLC) and application development efforts.
• Assist with the administration creation of enterprise security documents (policies, standards, baselines, guidelines, and procedures).

Benefits

• healthcare coverage
• PTO
• paid holidays
• 401(k)
• company-provided life insurance/disability coverage
• wellness options