Information Security Analyst

About The Position

Requirements

• Bachelors, Information Technology or High School Diploma/GED and appropriate on the job experience in information technology and/or information security.
• Minimum of one year experience as an information security analyst or two years of experience in a technical focused IT role (including but not limited to service desk, server administration, network administration, IT compliance or other systems support role).
• Ability to deal with changing priorities and multi-task several projects.
• Ability to identify compromised systems and lead remediation efforts.
• Excellent presentation and communication skills.
• Demonstrable verbal and written communication experience.
• Detail-oriented individuals that work well in a team environment and have a hunger to learn.
• Analytical and problem-solving skills
• Must be locally located and willing to commute 3 days into office.

Nice To Haves

• Experience with using and/or managing a commercial SIEM.
• Candidates should have a working knowledge of basic information security concepts and beginning to intermediate familiarity with common security technologies such as anti-virus, firewalls, DLP, web content filters, proxy servers, intrusion prevention systems, Windows event logging and syslog.
• Candidates should be familiar with networking fundamentals and have a basic to intermediate understanding of common network and application layer protocols such as TCP/IP, HTTP, DNS, SMTP and FTP.
• Information Security certifications, such as: CISSP, GSEC, GCED, Security+, etc. are a plus.
• Other entry level IT certifications, such as: Network+, Linux+, etc. are a plus.
• This position is not open to relocation and does not provide sponsorship now or in the future.

Responsibilities

• Monitors log and event output from multiple information security tools including but not limited to security information and event management (SIEM) technology, firewalls, networks, secure web/e-mail proxy, threat intel platforms, and end user security platforms.
• Investigates anomalies and responds according to established standard operating procedures.
• Performs routine but critical information security technology tasks including but not limited to SIEM tuning, secure web proxy configuration changes, e-mail security investigations, firewall change request reviews and software approval assessments.
• Participates and leads security incident response procedures.
• Processes any information security policy changes needed as determined by information security team leadership.
• Researches trending threats and provides regular reports with accompanying security tools impact analyses.
• Acts as a technical resource during internal and external audit engagements and is responsible for gathering security related technical evidence as required.
• Educates employees in information security best practices.
• Stays abreast of developments in the information security industry.
• Takes initiative on leading security related projects as determined by information security team leadership.
• Represents the information security team on cross team co-operative projects with other shared service organizations as required.