Information Systems Security Analyst II

Jackson Laboratory | Farmington, CT
31d | $113,006 - $141,138 | Remote

About The Position

Responsible for maintaining the security and integrity of data and systems for a large, complex site or network; leading the coordination effort with system and/or application administrators to remediate security alerts, address identified vulnerabilities and respond to information security related incidents; improving the overall security posture of the organization; evaluating, testing, and documenting security solutions and controls; establishing and recommending policies on application, system and services security; providing technical leadership on information systems security to system and application administrators and others of equivalent seniority; implementing technical systems and monitoring for unusual and suspicious activity across a wide range of products; identifying security issues and risks, developing approaches to mitigate vulnerabilities, and recommending changes to systems and system components as needed; performing recurring vulnerability scanning, penetration testing, and protected information scanning; ensuring security deficiencies are mitigated or corrected, or that a risk acceptance has been obtained from senior management; participating in technical and non-technical projects requiring information security oversight to ensure policies, procedures and standards are met; recommending baseline configuration changes to systems to optimize security, including patching levels, hardening of operating systems / applications, and monitoring; performing on-going assessments of existing systems to identify new vulnerabilities and recommend hardening procedures; contributing to building security architecture; performing cross-system review of security logs and audit trails to meet regulatory compliance (standard operating procedures include but are not limited to daily review of access, backup and application logs); documenting and recommending activities needed to keep the system secure, including submitting Requests for Change (RFC); participating in and reporting on security audits and risk analysis; developing documentation to support ongoing security systems operations, maintenance, and specific problem resolution; developing technical solutions and automating repeatable tasks to help mitigate security vulnerabilities; conducting research on emerging security products and technologies to justify recommendations and to support purchasing efforts, and interacting and negotiating with vendors, outsourcers, and contractors to secure system-related products and services; recommending new security tools and improvements to policies and SOPs; recommending effective improvements to existing security controls that balance security and business innovation; participating in security compliance efforts including PCI DSS and HIPAA; conducting routine audits and reporting any deviations to senior management; recommending corrective actions to system, network and application administrators; maintaining vendor management standards, questionnaires and documentation to adhere to regulatory compliance; working within the computer security incident response team, whose members work together to prepare for and provide rapid response to security threats such as virus attacks; developing a procedural set of responses to security problems, including protocols for communication within the organization as well as any interaction with law enforcement agencies during computer security incidents; and functioning as a technical lead during security incident response.

Requirements

  • Bachelor's in Computer Information Systems or a related field, or an equivalent combination of education & experience (will accept bachelor's-degree equivalent combination of education & experience based upon equivalency evaluation by qualified credential evaluator)
  • Requires 5 years of progressive experience in information systems administration, managed security engineering, or information security
  • All qualified candidates must have experience/skills performing & managing operating system administration including Linux, CentOS, SuSE, & Ubuntu
  • Implementing encryption & digital certificates, networking components including IDS/IPS & Firewalls, & log management, syslog analysis, & TCP/IP analysis
  • Carrying out vulnerability assessment for systems & web security including cross-site scripting, SQL injection, cross-site request forgery, HTTP response splitting, the OWASP Top 10 & SANS Top 20 & remediation techniques
  • Using system monitoring & reporting tools including SIEMs & FIM

Responsibilities

  • Maintaining the security and integrity of data and systems
  • Leading the coordination effort with system and/or application administrators to remediate security alerts
  • Addressing identified vulnerabilities and responding to information security related incidents
  • Improving the overall security posture of the organization
  • Evaluating, testing, and documenting security solutions and controls
  • Establishing and recommending policies on application, system and services security
  • Providing technical leadership on information systems security to system, application administrators, and others of equivalent seniority
  • Implementing technical systems and monitoring for unusual and suspicious activity across a wide range of products
  • Identifying security issues and risks, developing approaches to mitigate vulnerabilities, and recommending changes to systems and system components as needed
  • Responsible for recurring vulnerability scanning, penetration testing, protected information scanning
  • Ensuring security deficiencies are mitigated, corrected or a risk acceptance has been obtained by senior management
  • Participating in technical and non-technical projects requiring information security oversight to ensure policies, procedures and standards are met
  • Recommending baseline configuration changes to systems to optimize security including patching levels, hardening operating systems / applications and monitoring
  • Performing on-going assessments on existing systems to identify new vulnerabilities and recommend hardening procedures
  • Contributing to building security architecture
  • Responsible for cross-system review of security logs and audit trails to meet regulatory compliance
  • Standard operating procedures include but are not limited to daily review of access, backup and application logs
  • Documenting and recommending activities needed to keep the system secure, including submitting Requests for Change (RFC)
  • Participating in and reporting on security audits and risk analysis
  • Developing documentation to support ongoing security systems operations, maintenance, and specific problem resolution
  • Developing technical solutions and automating repeatable tasks to help mitigate security vulnerabilities
  • Conducting research on emerging security products and technologies to justify recommendations and to support purchasing efforts, and interacting and negotiating with vendors, outsourcers, and contractors to secure system-related products and services
  • Recommending new security tools, improvements to policies and SOPs
  • Recommending effective improvements to existing security controls that balance security and business innovation
  • Participating in security compliance efforts including PCI DSS, HIPAA
  • Conducting routine audits and reporting any deviations to senior management
  • Recommending corrective actions to system, network and application administrators
  • Maintaining vendor management standards, questionnaires and documentation to adhere to regulatory compliance
  • Working within the computer security incident response team, whose members work together to prepare for and provide rapid response to security threats such as virus attacks
  • Developing a procedural set of responses to security problems, including protocols for communication within the organization as well as any interaction with law enforcement agencies during computer security incidents
  • Functioning as a technical lead during security incident response

What This Job Offers

Job Type

Full-time

Career Level

Mid Level

Industry

Professional, Scientific, and Technical Services

Number of Employees

1,001-5,000 employees

© 2024 Teal Labs, Inc