Sr. Cyber Security Analyst -40 hours Full Time

About The Position

Requirements

• Education Required: Bachelor’s degree in Information Systems or equivalent
• Experience Required: Minimum of six (6) years of enterprise security related work experience.
• Minimum of four (4) years incident response/forensics experience.
• Previous 24 x 7 operations experience
• Required: Certified Information Systems Security Professional (CISSP) within 1 year of hire.
• Knowledge Experience and proficiency with: Anti-Virus, HIPS, IDS/IPS, Network Captures, Host-Based & Network Forensics.
• Knowledge of Linux, UNIX, Windows OS, Active Directory and other operating systems.
• Knowledge of database platforms such as MS SQL, Oracle, and MySQL.
• Experience with a scripting language (e.g. Powershell, Python)
• Skills: Excellent written communication and presentation skills with the ability to present complex security issues to a variety of audiences, including senior executives
• Abilities: Must be self-directed, able to manage individual projects or act as part of a larger team

Nice To Haves

• Preferred: CISM, PCI QSA, GIAC Certified Incident Handler (GCIH), GIAC Certified Forensic Analyst (GCFA).

Responsibilities

• Experienced in performing security audits, risk analysis, forensics and penetration testing.
• Actively monitor systems and networks for potential intrusions.
• Lead, conduct and maintain security risk assessments, identify security vulnerabilities, develop recommendations, document findings and remediation plans.
• Manage remediation plans toward closure.
• Define security standards & incident response plans to detect, respond and recover from security incidents using a risk based methodology.
• Develop and document security policies and procedures, training and awareness.
• Serve as a security expert reviewing and recommending security controls for network, application designs, operating systems, endpoint protection, mobile device implementations of new/updated applications and services.
• Ensure business and technical requirements are aligned to security policies and are implemented within regulatory and corporate compliance.
• Maintain current knowledge of tools and best-practices in advanced persistent threats; tools, techniques, and procedures of attackers; related to forensics and incident response.