IT Security Analyst II

About The Position

Requirements

• 3+ years of Security Operations Center experience
• Strong knowledge of security frameworks and regulations including NIST, ISO, PCI-DSS, FERPA, GLBA, GDPR, HIPAA, FTC, and privacy laws
• Experience working with AWS core services including networking, storage, database, and identity
• Working knowledge of integrating security controls throughout CI/CD pipelines and cloud environments
• Experience analyzing SIEM, network, system, and IDS alert logs and tuning detection content
• Familiarity with MITRE ATT&CK framework and use case and alert development aligned to it
• Proficiency with scripting and automation using languages such as Python or Bash
• Excellent analytical, problem-solving, and written and verbal communication skills

Nice To Haves

• 8 years of Security Operations Center experience
• Advanced experience with penetration testing, threat detection engineering, or digital forensics
• Experience developing security documentation and end-user operating manuals
• Industry-recognized security certifications such as CISSP, GIAC, ISACA, CCSP, CCSK, or AWS security certifications
• Equivalent relevant experience performing the essential functions of this role may be considered in place of formal education. Generally, one year of relevant experience may substitute for one year of education at the hiring manager’s discretion.

Responsibilities

• Serve as a lead analyst on one or more security efforts such as incident response, digital forensics, penetration testing, automation and integration, PKI infrastructure, or code security
• Provide expertise across multiple information security domains and mentor less experienced analysts as needed
• Monitor, analyze, and respond to security events using SIEM, IDS/IPS, EDR, DLP, endpoint protection, and firewall technologies
• Investigate security incidents including phishing, malware, and anomalous endpoint or network behavior
• Perform incident handling, digital forensics, continuous monitoring, and intrusion detection and prevention
• Collaborate with architects, risk professionals, and other security partners to implement preventive, detective, and corrective controls
• Develop, maintain, and improve security documentation, processes, and operational runbooks

Benefits

• bonuses
• medical, dental, vision, telehealth and mental healthcare
• health savings account and flexible spending account
• basic and voluntary life insurance
• disability coverage
• accident, critical illness and hospital indemnity supplemental coverages
• legal and identity theft coverage
• retirement savings plan
• wellbeing program
• discounted WGU tuition
• flexible paid time off for rest and relaxation with no need for accrual
• flexible paid sick time with no need for accrual
• 11 paid holidays
• other paid leaves, including up to 12 weeks of parental leave