Security Operations Analyst

The Security Operations analyst job role requires a very motivated goal driven individual with strong interpersonal, communication and organizational skills. Must be detail oriented, with a strong work ethic, able to work with minimal supervision. The role also requires an individual who will act as a security liaison with groups within and outside of the organization's IT. The Security Analyst’s primary job role is to reduce risk to JobTarget Information Systems, Platforms and Applications through the understanding and the adherence to a risk management framework and to provide governance through the drafting and socialization of security standards, guidelines, policies, and procedures.

What We Can Offer

• 20 Paid Time Off with 5 convertible to cash at the end of the year
• HMO with 1 free dependent
• Group Life and Accident Insurance
• Other exciting monetary allowances
• Great team, culture, and environment and tons of opportunity for career growth

Work Schedule: Day/Night

Work Type: Remote / Office-Based / Both

Position To Fill: One

What You'll Do

Reducing risk through governance and education:

• Responsible for being the Subject Matter Expert (SME) for Information Security Incident Response Actions, ensuring incidents are properly triaged, addressed, tracked, and closed.
• Create Incident Response Playbooks and help in developing Standard Operating Procedures (SOP).
• Responsible for performing internal and external security assessments/testing to validate the effectiveness of current security infrastructure using commonly available security assessment tools and make recommendations to remediate identified risks or vulnerabilities.
• Responsible for review and audit of assets such as VPN, Firewall, & IDS/IPS Configuration & Management.
• Responsible for assisting in the development of appropriate security related policies, procedures, guidelines, standards, benchmarks/metrics and/or processes for network infrastructure, servers, firewalls, intrusion detection/prevention (IDS/IPS) appliances and software.
• Responsible for monitoring, management and review of network security components and event management applications, as well as the ability to make prudent recommendations for improving overall network security.
• Responsible for assisting in various projects to ensure corporate governance of security and compliance with applicable regulations.
• Generates Information Security metrics and reports for executive leadership
• Liaisons with Legal for vendor management, e-discovery, and basic forensics
• Directs Security Awareness Training for employees
• Develops policy documentation

What You Need to Qualify

Core Skills

• Acts responsibly with sensitive and confidential information
• Is creative and resourceful as a problem solver
• Consistently demonstrates the drive to deliver successfully even under difficult timelines
• Has strong analytical, methodical, investigative, and auditing skills
• Knows when to make practical rational decisions that reduce risk to JobTarget information and Information systems
• Good written and verbal communications skills
• Good technical writing skills
• A critical logical thinker who is efficient and methodical

TECHNICAL SKILLS

Good understanding of the following:

• Background in a security governance model such as NIST, ISO, PCI, or HIPPA.
• Experience in developing cybersecurity policies and procedures
• Familiarity with risk management frameworks.
• Familiarity with Asset Management
• Able to define and understand various lines of business and the relationship to cybersecurity roles, responsibilities, and risk management decisions.
• Familiarity with access control management and strategies
• Able to manage vulnerability remediation through use of mitigation strategies
• Familiarity with security control assessments and procedures
• Ability to perform audits of systems, software, and security controls
• Familiarity with administering a corporate security awareness training program
• Experience with vetting vendors and vendor management
• Familiarity with legal and regulatory compliance requirements.
• HIDS/NIDS
• Network Monitoring Tools
• Case Management System
• Web Security Gateway
• Email Security
• Data Loss Prevention
• Network Access Control
• Encryption
• Vulnerability Identification

Job Experience

• 5 years in a role within Information Technology
• 1-3 years in auditing systems, applications, and networks for security risks
• 1-3 years documentation experience

Desired Technical Certifications

• Security+ or equivalent

Desired Education

• Bachelor’s Degree Required or equivalent experience