IT Security Analyst SIEM / IPS / IDS


Senior Information Security Analyst

This position is a senior role supporting the IT Security Manager for the Division of Information Technology with planning, implementing, upgrading, and/or monitoring security measures for the protection of computer networks. The Senior Information Security Analyst also assists with protecting the confidentiality, integrity, and availability of company resources, services, and data.

Key responsibilities include but not limited to:

  • Event Monitoring and Reporting (SIEM)
  • Document, prioritize, and analyze security threats, incidents, and key metrics.
  • Review daily and periodic data to identify, report, and remedy vulnerabilities/incidents
  • Provide situational awareness and attack sensing and warning through fusion, analysis and coordinated information flows gathered from a variety of system and sensor sources within the enterprise
  • Synthesize, summarize, consolidate and share potentially malicious activities by creating incident reports, updates, collaboration/chat tippers and notifications, updating incident handling databases
  • Create and lead processes that support the analysis of log files from a variety of enterprise level systems and sensors to include individual host logs, network traffic logs, firewall logs, and intrusion detection/prevention system logs
  • Analyze EDR, OS, and firewall logs, Full Packet Capture (PCAP SIEM alerts, Anti-malware alerts, Host Intrusion Prevent/Detection System (HIP/DS), and server and application logs to investigate events and incidents for anomalous activity and produce reports of findings
  • Helps improve the overall security posture through obtaining the knowledge of the enterprise systems, and to ensure the timely dissemination of security information to the appropriate stakeholders
  • Assist in the development of policies and procedures and processes to integrate risk management practices into daily operations, and ensure compliance.
  • Develop necessary security measures and operate software to protect systems and information infrastructure, including data encryption programs.
  • Work with Networking team to perform tests and uncover network vulnerabilities, and fix detected vulnerabilities to maintain a high-security standard.
  • Develop company-wide best practices for IT security, perform cyber and technical threat analyses, and remediate security issues.
  • Manage vendor assessment response process, facilitate compliance and acquire/maintain related certifications as dictated by the business needs. Conducts security risk assessments for third party applications and service providers.
  • Monitor BSUs compliance using existing Information Security standards, policies and procedures
  • Performing security monitoring, assist in identifying, limiting where possible and protecting sensitive data. Work with groups within and outside company to identify and categorize areas of information risk involving customer/confidential data, systems and processes.
  • Understand BSU's technology systems, security controls, business processes, and the teams who directly support them.
  • Investigate security breaches and other cyber security incidents. Support the information security incident management process ensuring incidents are correctly assessed, contained, and documented. Ensure all incidents have a root cause analysis report and a corrective action plan.
  • Supporting information security awareness program including operational management of the same.
  • Provide support for compliance with Data Privacy regulatory obligations such as FERPA, HIPAA.
  • Working in partnership with DIT teams to identify and prioritize controls which will improve security and recommend ways to effectively manage or reduce information risk.
  • Evaluate solution architectures against federal, state, and local law, BSU policies and standards, and best practice network security design according to applicable standards
  • Interpret regulations, statutes, policies, and standards into actionable technical guidance
  • Perform information control reviews to include system development standards, operating procedures, system security, programming controls, communication controls, backup and disaster recovery, and system maintenance.
  • Assist with external audits as they occur through gathering information, scheduling meetings, assisting auditor logistics, communications, providing audit responses and updating the BSUs compliance work plan
  • Produce and provide reports and presentations that outline findings, explain risk positions and recommend changes.
  • Perform duties to formulate risk mitigation plans based on the findings in audit assessments.
  • Track, measure, and report on the status of risk mitigation efforts based on the mitigation plans.
  • Maintain an expert level of knowledge on security and privacy including knowledge of IT security and data privacy best practices and familiarity with security policies as applicable to Cloud. Experience with cloud security and compliance tools.
  • Serve as project manager/lead within IT security projects.
  • Stay current on IT security trends and news and maintain a current understanding of relevant state-of-the-art technology, equipment, systems and the cybersecurity threat landscape.
  • Build positive working relationships with departments.

Required Knowledge, Skills, and Abilities:

  • Experience with IPS/IDS and SIEM technologies.
  • Knowledge of technical infrastructure, networks, databases and systems in relation to IT Security and IT Risk.
  • Prior experience in system hardening, vulnerability management, and performing security reviews and risk assessments preferred.
  • Experience in securing Windows previous and latest OS versions, LDAP, Active Directory, single sign-on, Identity Management, etc.;
  • Ability to take ownership, prioritize tasks and handle emergency situations to resolution with little direction and/or supervision.
  • Ability to produce high quality policy documentation and compliance reports
  • Establish effective working relationships, and provide quality customer service to handle issues, priorities, and situations that occur.
  • Effective oral and written communication skills
  • Experience in writing documentation, giving presentations; and coordinating effort working with a diverse group of users (technical knowledge levels and experience)
  • Information Technology knowledge and skills pertaining to securing systems, network, application, security, communication, etc.
  • Knowledge of current technological developments/trends in area of expertise.
  • Knowledge of project management,
  • Ability to provide technical guidance and leadership to professional personnel in area of expertise.
  • Technical writing skills.

Minimum Training Experience:

  • Must have an understanding of information security laws (including HIPAA, FERPA, and industry standards like PCI). Strong understanding of applicable and accepted audit and risk frameworks (such as COBIT, NIST, and ISO) preferred
  • Minimum of 4+ years experience in systems, applications, and network security, and IT Security compliance; Knowledge of security management and maintenance for PeopleSoft, Oracle, UNIX, networking, wireless, VoIP, etc.
  • Strong work experience in Information Security, Privacy & Risk Management, Audit, controls
  • Demonstrated experience conducting or being the subject of security and/or privacy audits
  • Bachelor of Science in Computer Science, Information Systems, Information Security or relevant field.

One or more of the following certifications is strongly preferred:

  • Global Information Assurance Certification (SANS/GIAC)
  • Certified Information Systems Security Professional (CISSP)
  • Systems Security Certified Practitioner (SSCP)
  • Certified Information Systems Auditor (CISA)

 
Please note: This client is not accepting candidates submitted by other staffing firms or agencies at this time. Thank you.

Applicants for this opportunity must have an unrestricted right to work in the United States.
[Persons in H-l, L-l, and OPT EAD status do not have unrestricted right to work.]
 
 
For immediate response please forward resumes to [email protected]
 
www.linkedin.com/in/ericitstaffingguru/

 
Eric Lyublinsky

Sr. IT Recruiter

(Direct)
407-205-1125
(Office) 800-360-1407
www.valintry.com

For a list of our current openings please visit Valintry's Jobs Webpage

 

Apply for this Job *Required Fields


Maximum file size: 256 MB.

Refer a friend *Required Fields







    [recaptcha class:col-sm-6]

    21-00206