IT Security Analyst I

About The Position

Requirements

• Bachelor's degree in Computer Science, Engineering, or related field required.
• No previous experience required
• Maintain a continuous personal professional development program; this level requires CISSP certification and commitment to pursue additional training or certifications in risk, security, governance, compliance (e.g., CISSP-ISSEP, CISSP-ISSAP, CISSP-ISSMP, GICSP, GMOB, GCIH, CRCMP, CISA, CGEIT, CRISC, CRMA, CORP, advanced degree)

Nice To Haves

• Prior internship within RISC preferred

Responsibilities

• Support the implementation of a risk and policy framework including distribution and maintenance of information security and related policies, as assigned by more senior RISC personnel. Implementation should support the department's accountability in setting risk and security policies, standards, guidelines, processes and procedures
• Maintain up-to-date basic knowledge of the IT security industry including awareness of new or revised security solutions, improved security processes, and the development of new attacks and threat vectors
• Assist with the deployment integration, and intial configuration of all new security solutions and of any enhancements to existing security solutions in accordance with industry and company standards.
• Support activities on projects and work streams as assigned
• Maintain up-to-date baselines for the secure configuration and operations of all in-place devices, whether they be under direct control (e.g. security tools) or not (e.g. workstations, servers)
• Monitor all in-place security solutions for efficient and appropriate operations.
• Participate in the design and execution of vulnerability assessments, penetration tests, and security audits.
• Act as initial contact point for end users / other IT staff for in-place security solutions
• Research and write security, risk, and compliance reports indicating the existence of, and effectiveness of, information technology related controls
• Support the design of elements of the information security management system (ISMS) that provides a standard, formal, and continuous approach consistent with NIST and ISO.
• Provide evening and weekend "on call / issue" support as needed. Sheetz is open 24,7,365 and as such, our internal and externa, customers may require support at any time.

Benefits

• quarterly employee bonuses based on company performance
• competitive salaries
• PTO and parental leave
• 401k match and employee stock ownership
• limitless professional development and growth opportunities
• tuition reimbursement
• full medical, vision and dental coverage
• snack discounts