Information Security Analyst
Posted on Dec 31, 2020 by Request Technology
A prestigious company is on the search for an Information Security Analyst. There is 2-3 people on this security team and the client is looking for someone who came up through Windows technology and wants to learn more. This person needs in-depth experience with administration and architecture for one or more infrastructure technologies (networking, Windows OS, Linux OS, Active Directory, PKI, etc.). This analyst will assist in developing technical solutions, enhancements to existing systems, and new security tools to help mitigate security vulnerabilities and automate repeatable tasks. Any Scripting experience with Perl, Python, or Powershell is a plus.
- Participate in the planning and design of enterprise security architecture, under the direction of the Information Security Officer and/or senior team members.
- Provide analytical and technical security recommendations to other team members, other technology teams, security management, and business stakeholders.
- Identify requirements, based upon need or as the result of a security issue that puts organizations systems at risk.
- Act as liaison to other technology teams to effectively communicate, architect, and deliver security solutions.
- Participate in the creation of enterprise security documents (policies, standards, baselines, guidelines and procedures) under the direction of the Information Security Officer and/or senior team members, where appropriate.
- Participate in the evaluation, deployment, integration and initial configuration of new security solutions and of any enhancements to existing security solutions in accordance with standard best operating procedures generically and the enterprise's security documents specifically.
- Assist in developing technical solutions, enhancements to existing systems, and new security tools to help mitigate security vulnerabilities and automate repeatable tasks.
- Maintain up-to-date detailed knowledge of the IT security industry including awareness of new or revised security solutions, improved security processes and the development of new attacks and threat vectors.
- Recommend additional security solutions or enhancements to existing security solutions to improve overall enterprise security.
- Participate in defining, maintaining and auditing up-to-date baselines for the secure configuration and operations of all in-place devices, whether they be under direct control (ie, security tools) or not (ie, workstations, Servers, network devices, etc.).
- Maintain operational configurations of all in-place security solutions as per the established baselines, for those security systems solutions that are partially or wholly operated by the InfoSec team.
- Participate in the monitoring all in-place security solutions for efficient and appropriate operations.
- Aid in the review of logs and reports of all in-place devices, whether they be under direct control (ie, security tools) or not (ie, workstations, Servers, network devices, etc.).
- Interpret the implications of that activity and devise plans for appropriate resolution.
- Participate in investigations into problematic activity, as required and appropriate.
- Aid in the design and execution of vulnerability assessments, penetration tests and security audits.
- Provide on-call support for end users for all in-place security solutions that are partially or wholly operated by the InfoSec team.
- Participate in the identification of security breaches detected by security systems; and in the tracking, investigation, and resolution of these incidents.
- Bachelor's Degree in Computer Science preferred.
- Certifications in security-related practices or technology a plus.
- Minimum 3 years of information technology experience required; 1 year of experience in the InfoSec space strongly preferred.
- Working technical knowledge of several of the infrastructure technologies preferred (such as Active Directory, Server 2016 & 2019, Azure, 0365, and various AV products, Vulnerability Management).
- Familiarity with software development process and practice a plus.
- Familiarity with electronic banking technologies and applications a plus.
- Proven analytical and problem-solving abilities with ability to effectively prioritize and execute tasks in a high-pressure environment.
- Good written, verbal, and interpersonal communication skills with the ability to present ideas in business-friendly and user-friendly language.
- Ability to conduct research into IT security issues and products as required.
- Highly self-motivated and directed with keen attention to detail.
- Team-oriented and skilled in working within a collaborative environment.
- In-depth experience with administration and architecture for one or more infrastructure technologies (networking, Windows OS, Linux OS, Active Directory, PKI, etc.) required.
- Experience with programming languages; or Scripting languages such as Perl, Python, or Powershell strongly preferred.
- Occasional travel to various locations.
- Typical hours are Monday through Friday 8 a.m. to 5 p.m.
- Occasional weekends and after-hours as workload dictates
Set up alerts to get notified of new vacancies.