Information Security Analyst
About The Position
Responds to Information Security incidents working in a 24x7 operations department. Recommends risk mitigation, implements appropriate security safeguards, tests proposed security solutions, and performs audit/compliance and forensic activities as needed. Provides support for operational security tools and technologies by responding to alerts and troubleshooting issues. Assists with a variety of duties including analysis, system administration, technology testing, incident response and training junior security operations analysts. Serves as the primary interface to the Information Technology Operations Center personnel when responding to incidents.
What You’ll Do
- Reviews, validates, classifies, and responds to security events.
- Analyzes a variety of network and host-based security logs (Firewalls, NIDS, HIDS, Syslog, etc.).
- Maintains and increases professional and technical knowledge by attending workshops, reviewing professional publications, establishing personal networks and participating in professional societies.
- Conducts proactive threat and vulnerability research.
- Participates in incident reporting for high priority events, from initial response to triage, to determining remediation actions and escalation paths.
- Performs security Incident Event Management (SIEM) console monitoring and correlation.
- Evaluates new security technology for the organization through quantitative and qualitative measures.
- Provides skilled technical assistance in Information Security strategy and planning.
- Resolves Hotline issues (issue resolution, security incident reporting) and Abuse issues (email, phishing attacks, social engineering calls).
- Continuously monitors regulatory compliance through implemented Information Security technologies.
- Administers, monitors and troubleshoots antivirus activities, and email gateway issues.
- Configures and tests new IDS/IPS rules based on in-depth security analysis.
- Performs network and host DLP monitoring and logging.
- Performs application whitelisting and file integrity monitoring.
- Conducts threat and vulnerability research, intelligence and monitoring.
- Maintains and increases professional and technical knowledge by attending workshops, reviewing professional publications, establishing personal networks and participating in professional societies.
- May provide direction and support to less experienced security engineering staff to orient them and increase their understanding of more complex security analysis and design.
- Performs other duties as assigned or apparent.
What You Bring To The Table
- Minimum Knowledge, Skills, and Abilities:
- Bachelor’s degree in Computer Science or a related field, or equivalent experience
- Four years progressive IT security skills, IT audit experience can be included in experience
- Preferred Knowledge, Skills, and Abilities:
- Systems Security Certified Practitioner (SSCP), Security+, or comparable Information Security certification
- Proven ability performing moderately complex security analysis for information technology
- Thorough knowledge and understanding of the technical Information Security environments and processes
- Excellent oral and written communication skills to effectively interact with internal and external customers
- Technical expertise in anti-virus solutions, virus outbreak management, and the ability to differentiate virus activity from directed attack patterns
- Technical expertise in Intrusion Prevention System (IPS)/Intrusion Detection System (IDS), SIEMs and other Computer Network Defense (CND) security tools
- Demonstrated attention to detail
Equal Opportunity Employer
We particularly encourage applications from members of historically underrepresented racial/ethnic groups, women, individuals with disabilities, veterans, LGBTQ community members, and others who demonstrate the ability to help us achieve our vision of a diverse and inclusive community.