IT Security Analyst II

About The Position

Requirements

• Bachelor's degree in Computer Science, Engineering or related field required.
• Minimum 3 years' cyber security experience required
• Maintain a continuous personal professional development program; this level requires CISSP certification and commitment to pursue additional training or certifications in risk, security, governance, compliance (e.g., CISSP-ISSEP, CISSP-ISSAP, CISSP-ISSMP, GICSP, GMOB, GCIH, CRCMP, CISA, CGEIT, CRISC, CRMA, CORP, advanced degree)

Nice To Haves

• Experience with security operations preferred
• Experience with SIEM systems preferred
• Strong understanding of IP, TCP/IP, and other network administration protocols preferred
• Strong understanding of Windows and Linux systems preferred
• Familiarity with security incident response preferred

Responsibilities

• Support / Execute the implementation of a risk and policy framework including distribution and maintenance of information security and related policies, as assigned by more senior RISC personnel. Implementation should support the department's accountability in setting risk and security policies, standards, guidelines, processes, and procedures.
• Maintain up-to-date in-depth knowledge of the IT security industry including awareness of new or revised security solutions, improved security processes, and the development of new attacks and threat vectors.
• Recommend additional security solutions, or enhancements to existing security solutions to improve overall enterprise security.
• Perform the deployment integration, and initial configuration of all new security solutions and of any enhancements to existing security solutions in accordance with industry and company standards.
• Maintain up-to-date baselines for the secure configuration and operations of all in-place devices, whether they be under direct control (e.g. security tools) or not (e.g. workstations, servers)
• Review logs and reports of all in-place devices. Interpret the implications of activity and devise plans for appropriate resolution.
• Participate / advise in the design and execution of vulnerability assessments, penetration tests, and security audits.
• Provide call escalation for all in-place security solutions.
• Research and write security, risk, and compliance reports indicating the existence of, and effectiveness of, information technology related controls.
• Evaluate new or modified systems, processes, and/or products vs internal security standards to identify risks that fall outside of Sheetz' risk tolerances.
• Collaborate with core business partners and other security teams to improve controls via create process design which meet the evolving business needs for customer experience and efficiency.
• Provide risk consulting and/or training to business and technical partners to improve the effectiveness of risk management across the enterprise.
• Provide evening and weekend "on call / issue" support as needed. Sheetz is open 24,7,365 and as such, our internal and externa, customers may require support at any time.

Benefits

• quarterly employee bonuses based on company performance
• competitive salaries
• PTO and parental leave
• 401k match and employee stock ownership
• limitless professional development and growth opportunities
• tuition reimbursement
• full medical, vision and dental coverage
• snack discounts