IT - Cyber Security Analyst II

DESCRIPTION OF ESSENTIAL DUTIES:

• Adhere to and evaluate current security procedures and standards, suggesting improvements as needed.
• Monitor and respond to security alerts as outlined by company policies and procedures.
• Follow policies and procedures to ensure cyber risk is properly managed in accordance with the risk tolerance of the company.
• Guide, support, and educate other members of the team as they work towards the common goal of safeguarding company assets.
• Assist the company with risk analysis and risk mitigation efforts.
• Maintain a deep understanding of Information Technology and security architecture.
• Use security knowledge and tools to monitor for imminent and pervasive threats to company assets.
• Automate playbooks as needed to improve response time and efficiency.
• Provide status and metric reporting and adhering to internal operational security and policies; Documents all actions taken in ticketing system.
• Complete task and project work as assigned.

OTHER RESPONSIBILITIES/REQUIREMENTS

 Develop and maintain a positive relationship with equipment vendors and company personnel.

• Provide management and team members detailed information concerning current technical issues

• Continually improve the service by identifying and correcting issues or gaps in knowledge capital (analysis procedures, playbooks, network models), identifying and recommending new or updated tools, content, countermeasures, scripts, plug-ins and other “glue”

• Perform peer reviews and consultations with other Cyber Security Analysts regarding potential security incidents
• Superb communications/interpersonal skills with the ability to interact with others

• Serve as a Subject Matter Expert in at least one security-related area (e.g. reverse engineering malware, penetration testing, software testing, cryptography, etc.)
• Be available for 24/7 on-call rotation
• Ability to follow sound business ethics when executing job responsibilities

• Must have an understanding of the importance of learning and that it is never-ending.
• Must be a self-motivated individual, willing to constantly evaluate the environment for improvement.

QUALIFICATION, EDUCATION AND EXPERIENCE REQUIREMENTS: 

• Bachelor of Science in Computer Science or Information Management combined with five years security or technology support experience required; Master’s degree may substitute for some work experience
• Documented experience with the following technologies: leading SIEM technologies, IDS/IPS, network- and host-based firewalls, data leakage protection (DLP)
• Working experience with possible attack activities such as network probing/ scanning, DDOS, malicious code activity, etc.
• Working experience with Windows and Unix administration
• Working experience with common penetration testing techniques
• Working experience with basic networking protocols such as IP, DNS, HTTP, etc.
• Working experience with system security architecture and security solutions

Preferred:

• Certification include Security+, Certified Intrusion Analyst (GIAC), Continuous Monitoring (GMON), Certified Information Systems Security Professional (CISSP), Certified Ethical Hacker (CEH)
• Excellent interpersonal, organizational, oral and writing skills
• Strong analytical and problem-solving skills
• Self-motivated to improve knowledge and skills
• A strong desire to understand “the what” as well as “the why” and “the how” of security incidents

SUPERVISORY RESPONSIBILITIES:

• None

PHYSICAL DEMANDS/WORK ENVIRONMENT:

• Experience in a fast-paced support environment as a member of a 24x7x365 network and/or security operations team; Must be able to concentrate for long periods of time
• Must be able to lift and carry 25 pounds on occasional basis

EOE M/F/D/V AA