IT Security Analyst

About The Position

Requirements

• Undergraduate degree with discipline in the areas of Computer Science, Management Information Systems, Information Assurance, or Cyber Security are preferred. Equivalent experience and/or training also acceptable
• Familiarity with SIEM deployment and development with solutions like Splunk
• Use of automated tools as well as manual testing methods to identify and validate vulnerabilities
• Security practitioner certifications (CEH, CISSP, GIAC, OSCP, or equivalent)
• Strong competency with security testing tools (e.g. Nessus, Nexpose, Qualys, Burp, Nmap, Kali, Metasploit, Responder, Wireshark, Kismet, Aircrack-ng, Redseal, Nipper, etc.)
• Ability to demonstrate creating comprehensive deliverables (e.g. Penetration Test Reports, Configuration Review Assessments, Vulnerability Assessments, etc.)
• Experience with scripting and/or programming languages such as Python, C#, Bash, PowerShell, etc.
• Cloud PaaS experience with providers like Azure, AWS, and GCP
• Ability to manage and/or enhance services to integrate Static and Dynamic Application Security Testing into the SDLC, ensuring that new applications or applications undergoing a major change are assessed for vulnerabilities prior to production implementation
• 2+ years of experience performing Vulnerability Assessments, Penetration Tests, Wireless Security Testing and/or Configuration Review
• Must be proactive and have a strong work ethic
• Must be organized and able to plan/orchestrate work activities
• Must have excellent analytical and problem-solving skills
• Must be able to work independently and in a team environment
• Must be an effective communicator in both technical and common business language
• Must be an effective communicator in both written and verbal forms
• Understanding of agile and lean frameworks, including Scrum and Kanban

Responsibilities

• Perform reviews of business application and infrastructure systems
• Participate in various projects throughout the company with the objective of identifying cyber and information security risks
• Develop strategies and plans to enforce security requirements and address identified risks
• Develop T-shaped skills within all areas assigned to the Security and Operations team
• Collaborate with team members from other subject domains to define and mature security practices
• Partner with others on the Security and Operations team for technology research, innovation, and experimentation efforts
• Possess the desire to grow both technically and professionally in the information security field

Benefits

• Full insurance benefits package including Medical, Dental, & Vision
• Paid time off to foster work/life balance
• Profit sharing
• Bonus Pay opportunities
• Retirement funding opportunities
• Education reimbursement
• Health club reimbursement
• Career advancement opportunities