What We're Looking For:
The IT Security Analyst performs two core functions for the enterprise: the day-to-day operations of the in-place security solutions and the identification, investigation, and resolution of security breaches detected by those systems. Other tasks include involvement in the implementation of new security solutions, participation in the creation and/or maintenance of policies, standards, baselines, guidelines, and procedures, as well as conducting vulnerability audits and assessments.
Participate in the planning and design of enterprise security and cloud architecture, under the direction of the VP of IT/InfoSec, where appropriate.
Participate in the creation of enterprise security documents (policies, standards, baselines, guidelines, and procedures) under the direction of the VP of IT/InfoSec, where appropriate.
Participate in the planning and design of an enterprise business continuity plan and disaster recovery plan, under the direction of the VP of IT/InfoSec, where appropriate.
Maintain up-to-date detailed knowledge of the IT security industry including awareness of new or revised security solutions, improved security processes, and the development of new attacks and threat vectors.
Recommend additional security solutions or enhancements to existing security solutions to improve overall enterprise security.
Perform the deployment, integration, and initial configuration of all new security solutions and of any enhancements to existing security solutions, in accordance with standard best operating procedures in general and the enterprise’s security documents in particular.
Maintain up-to-date baselines for the secure configuration and operations of all in-place devices, whether they be under direct control (i.e. security tools) or not (e.g. workstations, servers, network devices).
Maintain operational configurations of all in-place security solutions as per the established baselines.
Monitor all in-place security solutions for efficient and appropriate operations.
Review logs and reports of all in-place devices, whether they be under direct control (i.e. security tools) or not (e.g. workstations, servers, network devices). Interpret the implications of that activity and devise plans for appropriate resolution.
Participate in investigations into problematic activity.
Participate in the design and execution of vulnerability assessments, penetration tests, and security audits.
Provide on-call support for escalations related to IT tickets for all in-place security solutions.
Formal Education & Certification:
College diploma or university degree in Computer Science and/or two years equivalent work experience. College diploma may be substituted with additional work experience per year.
One or more of the following certifications preferred:
GIAC Information Security Fundamentals
Microsoft Certified Systems Administrator: Security
Associate of (ISC)²
Your Knowledge & Experience:
Extensive experience with Cisco and Microsoft cloud security solutions.
Experience with SIEM, certificate authority, threat hunting, DNS, and email security.
Working technical knowledge of DLP, data retention/classification and privacy compliance.
Strong understanding of IP, TCP/IP, and other network administration protocols.
Strong understanding of Windows, Linux, and Mac OS.
Familiarity with Active Directory.
Proven analytical and problem-solving abilities.
Ability to effectively prioritize and execute tasks in a high-pressure environment.
Good written, oral, and interpersonal communication skills.
Ability to conduct research into IT security issues and products as required.
Ability to present ideas in business-friendly and user-friendly language.
Highly self-motivated and directed.
Keen attention to detail.
Team-oriented and skilled in working within a collaborative environment.