SUMMARY:

• Information Security Analyst will be responsible for assisting in maintaining the security infrastructure.
• The Analyst will provide information security expertise to reduce enterprise risk and ensure appropriate levels of data confidentiality, integrity, and availability.
• Responsible for articulating technical security requirements, monitoring the effectiveness of the IT security controls framework, and raising the level of security awareness and policy compliance among employees.
• IT security experience in the application, systems or network layers
• Experience with security tools such as IDS/IPS, HIDS, FIM, and vulnerability scanners.
• Experience with encryption technologies, DRM, PKI, secure coding
• Knowledge of Active Directory security (Security and distribution groups, access controls, etc.)
• PowerShell scripting and coding abilities are a plus
• Excellent communication skills
• A genuine desire to continue learning
• CISSP certification a plus
• Audit, compliance and validation experience
• Experience leading internal/external audits or assessments
• Experience with security frameworks or compliance standards, including PCI - DSS, NIST, SOX, etc.

PROFESSIONAL EXPERIENCE:

Confidential

Responsibilities:

• Interface with customers to assess, develop and improve their information security through the following tasks
• Provide technical assistance in the selection and configuration of tools in support of a secure enterprise.
• Acknowledge and respond to security incidents reported to or identified by the Information Security team.
• Classify and track incidents through identification and resolution.
• Understand vulnerability management tools that perform internal and external vulnerability assessments.
• Deploy, manage and monitor IDS/IPS and WAF, to identify and assess network and application layer threats.
• Serve as a point of contact for application, network, and cloud security inquiries.
• Provide advice and assistance to teams to improve security posture.
• Develop a system that provides metrics to support Information Security initiatives and security awareness across the company.
• Responsible for granting, modifying, and removing user access for all enterprise applications
• Responsible for LDAP user and group creation, maintenance, and removal.
• Responsible for modifying file server permissions as needed for user access.
• Responsible for email distribution lists and shared mailbox creations.
• Responsible for Identity Management/SSO solutions.
• Responsible for Mobile Device Management solutions.
• Be willing to adapt to rapidly changing network security technology, and apply it to business needs.
• Be experienced in the administration and support of various operating systems.
• Have experience driving vendors and co-sourcing partners to successfully resolve problems.
• Participate in an on-call rotation.
• Respond to emergency calls during non-business hours.
• Any other duties asked to perform by your manager.

Confidential

Responsibilities:

• Participate in various security audits. Prepare necessary security documentation and evidence during audits.
• Promote awareness of applicable security policies and standards.
• Implement or coordinate remediation required by audits, as necessary.
• Review of security documentation and architecture to provide approvals for application deployments, firewall rules, etc.