Senior/Information Security Analyst

About The Position

Requirements

• A Bachelor's degree in a related field and five (5) years of directly related experience in information security, digital networking, computing, telecommunications or SCADA/EMS operations is required.
• Extensive knowledge of TCP/IP and Cisco routing and switching, as well as proven experience with Cisco ASA firewall and VPN appliances, is preferred.
• Industry specific certifications may be substituted for experience at the rate of one (1) year experience for each certification.
• Directly related experience may be substituted for education at the rate of two (2) years of experience for one (1) year of education.
• A Bachelor's degree in Computer Science, Information Management, or a related field and two (2) years of directly related experience in information security, digital networking, computing, telecommunications or SCADA/EMS operations is required.
• An Associate's degree in Computer Science, Information Management, or a related field and six (6) years of direct work experience may be considered as a substitute for a degree.
• Extensive knowledge of TCP/IP, Cisco routing and switching and proven experience with Cisco ASA firewall and VPN appliances is preferred.
• Industry specific certifications may be substituted for experience at the rate of one (1) year of experience for each certification.
• Directly related experience may be substituted for education at the rate of two (2) years of experience for one (1) year of education.
• Ability to read, analyze and interpret general business periodicals, professional journals, technical procedures or governmental regulations.
• Ability to write reports, business correspondence and procedure manuals.
• Ability to effectively present information and respond to questions from groups of employees, managers, clients or customers.
• Ability to work with mathematical concepts such as probability and statistical inference, fundamentals of plane and solid geometry, trigonometry, calculus and differential equations.
• Ability to apply concepts such as fractions, percentages, ratios and proportions to practical situations.
• Ability to solve practical problems and deal with a variety of concrete variables in situations where only limited standardization exists.
• Ability to interpret a variety of instructions furnished in written, oral, diagram, or schedule form.
• In addition to the qualifications listed above, knowledge and experience using Microsoft Office products is required.
• Requires a current driver's license.
• Must be able to attain CISSP or similar within twelve (12) months of hire.

Nice To Haves

• CCNA
• CCNP
• Comptia Network +
• Comptia Security +
• CISSP
• GIAC
• CEH
• Engineer-level Operating System certifications is desirable.

Responsibilities

• Ensures the stability and integrity of in-house electronic access control and monitoring systems which may include SEIM devices, IDS sensors, IPS, data diodes, firewalls, switches, routers, application white listing, network anomaly detection devices, log retention systems, log forwarding systems, network monitoring systems, and analytics software used in the monitoring of critical cyber assets associated with the operation of multiple departments.
• Performs change management and configuration activities, security controls testing, system baseline activities, vulnerability testing and analysis, and network traffic analysis to ensure system reliability and security.
• Installs, troubleshoots, and maintains hardware and software systems related to electronic access control and monitoring systems.
• Reviews logs, configurations, rule sets, user accounts, account groups, and network traffic for adherence to policy/procedure.
• Responds to anomalous events that will require analysis and will have to synthesize and correlate complex events to ensure operational security.
• Tests and implements IDS/IPS rule sets and signatures.
• Conducts security controls testing after significant changes to cyber assets to ensure proper security posture to meet regulatory guidelines.
• Monitors cyber assets and critical infrastructure to ensure system up-time.
• Engages in change/configuration management activities for cyber assets.
• Performs network traffic analysis when anomalous traffic needs to be investigated.
• Assists in conducting incident response and forensic investigations.
• Conducts vulnerability testing, analysis, and mitigation for cyber assets.
• Analyzes network infrastructure rule sets manually and uses software tools to ensure proper security posture for compliance.
• Writes reports and briefings related to specific information security issues.
• Tickets and tracks operational issues related to the security posture of cyber assets which are in scope for this group.
• Conducts research on network products, services, protocols, and standards to remain abreast of developments in the information security industry.
• Participates in exercises that test policies, procedures, and skills which are required by business and critical operations.
• Participates in in-house, regulatory, and industry teams including working groups, committees, incident response teams, and business continuity teams as required.