Senior/Information Security Analyst - Re-Post

About The Position

Requirements

• Bachelor's degree in a related field and five (5) years of directly related experience in information security, digital networking, computing, telecommunications or SCADA/EMS operations (for Senior role).
• Bachelor's degree in Computer Science, Information Management, or a related field and two (2) years of directly related experience in information security, digital networking, computing, telecommunications or SCADA/EMS operations (for Analyst role).
• An Associate's degree in Computer Science, Information Management, or a related field and six (6) years of direct work experience may be considered as a substitute for a degree (for Analyst role).
• Ability to read, analyze and interpret general business periodicals, professional journals, technical procedures or governmental regulations.
• Ability to write reports, business correspondence and procedure manuals.
• Ability to effectively present information and respond to questions from groups of employees, managers, clients or customers.
• Ability to work with mathematical concepts such as probability and statistical inference, fundamentals of plane and solid geometry, trigonometry, calculus and differential equations.
• Ability to apply concepts such as fractions, percentages, ratios and proportions to practical situations.
• Ability to solve practical problems and deal with a variety of concrete variables in situations where only limited standardization exists.
• Ability to interpret a variety of instructions furnished in written, oral, diagram, or schedule form.
• Knowledge and experience using Microsoft Office products is required.
• Must be able to attain CISSP or similar within twelve (12) months of hire.

Nice To Haves

• Extensive knowledge of TCP/IP and Cisco routing and switching, as well as proven experience with Cisco ASA firewall and VPN appliances, is preferred.
• Industry specific certifications may be substituted for experience at the rate of one (1) year experience for each certification.
• Directly related experience may be substituted for education at the rate of two (2) years of experience for one (1) year of education.
• CCNA, CCNP, Comptia Network +, Comptia Security +, CISSP, GIAC, CEH or Engineer-level Operating System certifications is desirable.

Responsibilities

• Ensures the stability and integrity of in-house electronic access control and monitoring systems, which may include SEIM devices, IDS sensors, IPS, data diodes, firewalls, switches, routers, application white listing, network anomaly detection devices, log retention systems, log forwarding systems, network monitoring systems, and analytics software.
• Performs change management and configuration activities, security controls testing, system baseline activities, vulnerability testing and analysis, and network traffic analysis.
• Installs, troubleshoots, and maintains hardware and software systems related to electronic access control and monitoring systems.
• Reviews logs, configurations, rule sets, user accounts, account groups, and network traffic for adherence to policy/procedure.
• Responds to anomalous events that will require analysis and will have to synthesize and correlate complex events to ensure operational security.
• Tests and implements IDS/IPS rule sets and signatures.
• Conducts security controls testing after significant changes to cyber assets to ensure proper security posture to meet regulatory guidelines.
• Monitors cyber assets and critical infrastructure to ensure system up-time.
• Engages in change/configuration management activities for cyber assets.
• Performs network traffic analysis when anomalous traffic needs to be investigated.
• Assists in conducting incident response and forensic investigations.
• Conducts vulnerability testing, analysis, and mitigation for cyber assets.
• Analyzes network infrastructure rule sets manually and uses software tools to ensure proper security posture for compliance.
• Writes reports and briefings related to specific information security issues.
• Tickets and tracks operational issues related to the security posture of cyber assets.
• Conducts research on network products, services, protocols, and standards to remain abreast of developments in the information security industry.
• Participates in exercises that test policies, procedures, and skills required by business and critical operations.
• Participates in in-house, regulatory, and industry teams, including working groups, committees, incident response teams, and business continuity teams.

Benefits

• WFEC Administrative Procedure 805-Alcohol and Drug-Free Workplace