Information Systems Security Analyst

About The Position

Requirements

• Minimum of four (4) years of professional experience in cybersecurity or information security
• Experience supporting enterprise IT environments, including networks, systems, and applications
• Experience with risk assessment, incident response, and security operations
• Experience working in regulated or compliance-driven environments
• Knowledge of cybersecurity principles, threats, vulnerabilities, and risk management processes
• Experience with encryption technologies and secure protocols (e.g., IPSEC, AES, IKE, SHA, 3DES)
• Understanding of network protocols, TCP/IP, and the OSI model
• Experience with intrusion detection, incident handling, and network traffic analysis
• Familiarity with system and application security threats (e.g., buffer overflow, XSS, SQL injection)
• Knowledge of access control mechanisms and system hardening techniques
• Understanding of disaster recovery, backup, and continuity planning
• Familiarity with national and international cybersecurity laws, policies, and ethical standards
• Knowledge of data protection requirements for PII, PCI, and PHI
• IAT Level II certification that includes one of the following: Comp TIA Security +, CCNA, GICSP, GSEC, SSCP

Nice To Haves

• Experience with cloud computing environments and cloud security architectures (SaaS, IaaS, PaaS)
• Familiarity with ISO or similar organizational and security standards
• Experience with system performance and availability monitoring tools
• Knowledge of enterprise incident response programs and governance models
• Experience supporting penetration testing tools and methodologies
• Familiarity with information security program or project management principles
• Understanding of secure acquisition processes and IT supply chain risk management
• Ability to support organizational risk tolerance assessments and mitigation planning

Responsibilities

• Assess cybersecurity risks, threats, and vulnerabilities across systems, networks, and applications
• Implement and support encryption, access control, and secure communication mechanisms
• Monitor system and network activity to identify, analyze, and respond to security incidents
• Support incident response operations, including detection, containment, and recovery
• Conduct network traffic analysis and support intrusion detection activities
• Support data backup, recovery, disaster recovery, and continuity of operations planning
• Analyze system and application security weaknesses and recommend mitigation strategies
• Contribute to security architecture and enterprise security framework alignment
• Support penetration testing activities and remediation efforts
• Ensure security practices align with applicable laws, regulations, and organizational policies
• Support secure system lifecycle activities from design through operations

Benefits

• B&A is proud to offer three robust individual and family medical plans to full time employees, including a Health Savings Account (HSA) option as well as two tiers of dental coverage, vision, life & AD&D, disability, accident, hospital indemnity, and critical illness insurance.
• In addition to these benefits, B&A employees enjoy paid time off, B&A sponsored trainings and certifications, pet insurance benefits, commuter transit benefits and a free subscription to a virtual exercise platform (NEOU).
• B&A’s 401(k) plan is available to all employees and includes a company matching contribution.
• The B&A Cares program: 30/60/90-day wellness check ins, personal development, financial management, and stress management seminars, and more
• A formal mentorship program
• Job shadowing and cross training opportunities
• Brand Ambassador program
• Employee Assistance Program (EAP) - Access to various support resources to include counseling, legal guidance, financial planning, and more
• Monthly teambuilding events
• B&A Annual Wellness Challenges: #StepWithB&A, #WalkDuringLunchWithB&A, #VolunteeringWithB&A, #ExerciseDuringLunchWithB&A, and more