Sr. Analyst, Infrastructure and InfoSec

About The Position

Requirements

• Four-Year College Degree (BA or BS): Information Technology, Computer Science, Computer Engineering or related areas
• 2-5 years of relevant / progressive work experience (in similar field and/or industry)
• Excellent interpersonal and customer service skills
• Experience with computer network penetration testing and techniques
• Exceptional teamwork and communication skills to help other technical support workers / multifunctional teams
• Knowledge and experience with security technologies and methodologies
• CompTIA A+ Certification
• Expertise in supporting MS products. For example: operating systems and 365
• Ability to identify and mitigate network vulnerabilities
• Strong verbal and written communication skills - Spanish and English
• Ability to learn new technologies and implement them
• Knowledge of firewalls, antivirus, and intrusion detection system concepts
• SQL knowledge for building basic queries and tables
• CCZT Zero Trust Certification

Nice To Haves

• 5-10 years of relevant / progressive work experience (in similar field and/or industry)

Responsibilities

• Attain a strong understanding of business processes, policies, procedures, governance practices and regulatory requirements.
• Ensure that all processes and technologies are compliant with TFS Information Security standards (GISG, TMCC, etc.).
• Complete monthly report of Key Risk Indicators for IT Security Department including vulnerabilities scores, endpoint compliance, material incidents, etc.
• Provide InfoSec status to ERMC committee when needed.
• Identify non-compliance to security standards or controls and submit exceptions for approval.
• Provide status and metrics of information security activities and review with Information Security Officer (ISO) and AOR GISG regional representative for TCPR.
• Attend AOR InfoSec-GISG/GISS meetings to learn best practices and updated activities for InfoSec. Communicate updates pertaining to TCPR.
• Ensure that access to information assets is authorized by management and asset owners.
• Ensure that user access is monitored and regularly reviewed (attestation).
• Ensure that new hires are provisioned with appropriate equipment and access in a timely manner.
• Ensure the access for terminated users are removed in a timely matter.
• Manage and conduct all required security training. Ensure that all team members and new hires complete the required security awareness training.
• Report to IT Manager the list of team members who are not in compliance with training or fail phishing tests.
• Comply with all continued education requirements, including professional courses, certifications, seminars, trainings, etc., to support the business need.
• Ensure that security requirements are addressed throughout the lifecycle of all TCPR assets.
• Ensure inventories of information assets; including on-premises/cloud network, servers/ workstations, operating systems, applications, and mobile computers and devices are securely configured and issued.
• Ensure with TMCC that all network devices, servers, workstations, mobile devices, and all other endpoints are protected and monitored for malicious activities.
• Identify and track system and application vulnerabilities.
• Perform research and analysis of complex vulnerability incidents until resolved to ensure compliance metrics are being met. This includes cross collaboration to obtain root cause, recommend and determine best fix and apply patch.
• Work with IT and other resources on vulnerability remediation plans including dates for remediation and responsibilities. Monitor status and progress of the remediation and report to IT Manager.
• Provide TCPR's ISO with periodic status updates on remedial efforts.
• Monitor endpoint protection compliance to ensure metric is met weekly for monthly reporting. If issues are found must review, research, and analyze to resolve.
• Oversee technological upgrades, tasks, improvements, and major changes to the information security environment.
• Support the security infrastructure and technologies established for TCPR.
• Conduct logging of network and system activities (users, local applications, access to physical assets, etc.).
• Monitor logs and other sources of information (users, applications, networks, systems, access to physical assets, etc.).
• Analyze, assess, and address any suspected malicious activities and escalate to appropriate teams.
• Member of the Security Incident Response Team (SIRT) as a technical SME.
• Assist the ISO with security incidents (detection, analysis, response, and recovery).
• With the ISO, perform tests, exercises, and drills of all response plans.
• With the ISO, perform problem management, root cause analysis, and postmortem reviews following the occurrence of incidents.
• With the ISO, conduct forensic investigations by working with law enforcement and other regulatory bodies during and following an incident.
• Provide direct technical support to onsite infrastructure managed by TMCC.
• Implement infrastructure upgrades led by TMCC. Prior, must complete analysis to ensure that operations will not be impacted post update by planning and coordinating efforts proactively.
• Complete data room maintenance. Prior, must plan and communicate shut down of equipment without interrupting daily operations. This may include working outside of scheduled hours or days.
• Answer all requests received from Headquarters on potential errors or problems detected in network and adheres to necessary prevention guidelines applying expert knowledge and analytical work to resolve.
• Coordinate new technology and facilities implementations and integrations that might include yearlong projects, demonstrating expertise and proficiency. Provide ideas and solutions on the subject matter.
• Manage local and mainland vendors for implementation support. Confirm that expenses incurred for computers, servers, network, and any other technology equipment is aligned to budget and that items purchased are valid.