About The Position

The Information Security Analyst serves as a member of the Security Operations Center (SOC), playing a key role in protecting the Bank’s information infrastructure and data. Working under the guidance of senior security team members, the Information Security Analyst monitors and identifies potential or active threats and performs security investigations to effectively contain and resolve cybersecurity incidents.

Requirements

  • Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or a related discipline; or the equivalent combination of education and relevant work experience. An advanced degree in cybersecurity can substitute for work experience on a year-for-year basis.
  • Minimum of 1 year of experience in an information security or information technology role with responsibilities in one or more of the following domains: security and risk management, asset security, security architecture and engineering, communications and network security, identity and access management, security assessment and testing, security operations, and software development security. Direct experience in security operations, cyber defense, or incident management is preferred.
  • Demonstrated ability to successfully execute initiatives in complex and highly regulated environments.
  • General understanding of network communications and computer networking principles, including network addressing, configurations, digital communication systems, and associated protocols and endpoints, to ensure secure network environments.
  • General understanding of client/server architecture, operating systems and software, encryption algorithms (including their capabilities and applications), and authentication/authorization tools and techniques.
  • Strong understanding of cybersecurity principles and practices—including data integrity, operations security (OPSEC), network security, access control, data encryption, adversarial tactics, and threat remediation.
  • Strong understanding of the characteristics of cybersecurity threats and vulnerabilities—including system and network attack vectors, malware, filename extension abuse, and web application security risks.
  • Familiar with adversarial tactics, cyber-attack and exploitation tools and techniques (including network exploitation), data exfiltration methods, and insider attack patterns to effectively anticipate, detect, and counter malicious activities.
  • General understanding of analytical, data analysis, and information searching tools and techniques, along with working proficiency in security information and event management (SIEM) and event correlation methods to accurately detect, analyze, and respond to security incidents.
  • Proficient in navigating a fast-paced, highly regulated environment by applying critical thinking, establishing priorities, and tailoring complex information for diverse audiences.
  • Competencies in mitigating cognitive biases, extrapolating from incomplete data sets, and performing comprehensive data analyses to derive actionable insights.
  • Capable of recognizing and categorizing vulnerabilities, identifying malware threats, and effectively containing malware to protect systems and data.
  • Proficient in effectively communicating, collaborating, and building strong relationships with internal and external stakeholders to achieve organizational objectives.
  • Capable of leveraging a range of analytical techniques—including data, log file, behavioral, and threat analysis.
  • Capable of anticipating threats, leading incident response processes, and recognizing behavioral patterns to detect and mitigate potential security risks.
  • Capable of capturing network traffic and performing packet-level analysis to identify network threats, protect against malware, and conduct intrusion data analysis.
  • Capable of detecting host- and network-based intrusions, identifying insider threats, recognizing recurring threat incidents, uncovering filename extension abuse, spotting anomalous activity, and interpreting digital forensics data to maintain a robust security posture.
  • Capable of gathering and querying data from diverse sources—including open-source intelligence and metadata extraction—correlating information across multiple tools, and conducting thorough research.

Nice To Haves

  • Professional certifications through ISC(2), ISACA, GIAC, OffSec or CompTIA are preferred.
  • Banking or financial services industry experience is a plus.

Responsibilities

  • Monitor security events and alerts across a variety of platforms (e.g., SIEM tools and intrusion detection systems).
  • Identify and triage security incidents by determining their scope, severity, and potential impact.
  • Respond to security incidents promptly, coordinating with the incident response team to rapidly contain and mitigate threats.
  • Maintain consistent documentation of security incidents and actions taken to ensure transparency and compliance.
  • Produce incident response post-mortem reports, including technical summaries of attackers’ tactics and techniques, impact, root cause, and other relevant incident findings.
  • Provide regular updates to appropriate constituencies on security posture, ongoing incidents, and potential exposures.
  • Assess the value of digital evidence, correlate data, and analyze logs to identify potential vulnerabilities, threats, intrusions, and incidents.
  • Develop and implement threat detection techniques and alerting rules to enhance detective controls.
  • Identify and assess risk introduced by technical and operational vulnerabilities using automated tools and manual techniques.
  • Collaborate with cross-functional teams to support effective remediation strategies for identified vulnerabilities.
  • Maintain awareness of emerging threats, attack vectors, and vulnerabilities to enhance incident detection and prevention strategies.
  • Collect, analyze, and share threat intelligence relevant to the organization’s security posture with appropriate personnel.
  • Maintain effective communication with internal and external stakeholders to ensure timely and accurate security incident awareness.
  • Participate in security meetings and contribute to the development of incident response policies, procedures, and best practices.
  • Work outside of regular business hours when necessary.
  • Other duties as assigned.

What This Job Offers

  • Job Type: Full-time
  • Career Level: Entry Level
  • Number of Employees: 501-1,000 employees

© 2024 Teal Labs, Inc