Information Security Analyst will be responsible for assisting in maintaining the security infrastructure.
The Analyst will provide information security expertise to reduce enterprise risk and ensure appropriate levels of data confidentiality, integrity, and availability.
Responsible for articulating technical security requirements, monitoring the effectiveness of the IT security controls framework, and raising the level of security awareness and policy compliance among employees.
IT security experience in the application, systems or network layers
Experience with security tools such as IDS/IPS, HIDS, FIM, and vulnerability scanners.
Experience with encryption technologies, DRM, PKI, secure coding
Knowledge of Active Directory security (Security and distribution groups, access controls, etc.)
PowerShell scripting and coding abilities are a plus
Excellent communication skills
A genuine desire to continue learning
CISSP certification a plus
Audit, compliance and validation experience
Experience leading internal/external audits or assessments
Experience with security frameworks or compliance standards, including PCI - DSS, NIST, SOX, etc.
Interface with customers to assess, develop and improve their information security through the following tasks
Provide technical assistance in the selection and configuration of tools in support of a secure enterprise.
Acknowledge and respond to security incidents reported to or identified by the Information Security team.
Classify and track incidents through identification and resolution.
Understand vulnerability management tools that perform internal and external vulnerability assessments.
Deploy, manage and monitor IDS/IPS and WAF, to identify and assess network and application layer threats.
Serve as a point of contact for application, network, and cloud security inquiries.
Provide advice and assistance to teams to improve security posture.
Develop a system that provides metrics to support Information Security initiatives and security awareness across the company.
Responsible for granting, modifying, and removing user access for all enterprise applications
Responsible for LDAP user and group creation, maintenance, and removal.
Responsible for modifying file server permissions as needed for user access.
Responsible for email distribution lists and shared mailbox creations.
Responsible for Identity Management/SSO solutions.
Responsible for Mobile Device Management solutions.
Be willing to adapt to rapidly changing network security technology, and apply it to business needs.
Be experienced in the administration and support of various operating systems.
Have experience driving vendors and co-sourcing partners to successfully resolve problems.
Participate in an on-call rotation.
Respond to emergency calls during non-business hours.
Any other duties asked to perform by your manager.
Participate in various security audits. Prepare necessary security documentation and evidence during audits.
Promote awareness of applicable security policies and standards.
Implement or coordinate remediation required by audits, as necessary.
Review of security documentation and architecture to provide approvals for application deployments, firewall rules, etc.