View Our Website View All Jobs

IT Security Analyst (345357)

Basic Function

Incumbent is responsible for pro-actively monitoring the company network to identify malicious cyber threats as well as deviations from company policy. Typical activities include log analysis, anomaly detection and research, incident response, and security system administration. This position has the responsibility for ensuring that security tools are appropriately deployed and are running optimally.  Incumbent will constantly monitor the environment for signs of trouble and are often the first point of contact when a high-risk alert is issued or a suspected attack begins to affect business operations.  Incumbent will conduct the initial stages of a forensics investigation.

Duties & Responsibilities

  • Working knowledge of security assessment and administration tools (e.g. Nessus, Nmap, Putty, Wireshark etc.)
  • Possess strong knowledge of networking concepts, infrastructure, and terminologies (TCP/IP, VPNs, Proxies, etc.)
  • Working knowledge of general IT infrastructure systems and how they work (Microsoft Exchange, Citrix, Databases)
  • Ability to analyze logs and other related data from varied systems to identify signs of a breach or security incident (e.g. firewall, IPS, Antivirus system logs, etc.)
  • Research, evaluate and deploy new technologies while remaining budget conscious
  • Possess a risk containment and management mentality towards all efforts in the enterprise with the ability to integrate security into project and development life cycles
  • Ability to create, organize and deliver presentations to end users, peers and management
  • Familiar with key security monitoring infrastructure tools (firewalls, IPS, SIEM, Email Filtering tools, etc.)
  • Ability to quickly respond and adjust to changing priorities along with the ability to manage multiple projects concurrently
  • Knowledge of and demonstrate ability to proactively research and address emerging cyber security threats and issues
  • Conduct risk assessments on proposed and existing systems
  • Develop business proposals with solid business cases to support the acquisition of new technologies, tools and systems to further enhance the enterprise’s security posture
  • Work to balance the needs of applying security controls in line with corporate guidelines and not imposing overly restrictive processes that hamper employee productivity or business partner interactions
  • Maintain, enhance and support existing computer applications and systems
  • Troubleshoot system problems and implementing resolutions
  • Develop necessary documentation per established standards
  • Adhere to Service Level Agreement, if exists, when supporting customers
  • Train and mentor newly hired Assistant IT System Analysts
  • Train and orient customers on systems and products
  • Evaluate and test off-the-shelf products to ensure their applicability to corporate business requirement
  • Review and analyze user requests for computer and communication systems, and recommend optimum solutions to meet customer requirements.
  • Manage data center facilities infrastructures, and support relevant upgrade projects
  • Analyze and approve changes to computing infrastructure, systems and application
  • Adhere to security and safety regulation and rules
  • Perform support to operations monitoring of IT systems and problems response and resolution
  • Conduct assessment and classification of Event of Interests for business applications or IT installations in well-defined areas
  • Perform vulnerability scanning, penetration testing, compliance monitoring, intrusion detection, etc.
  • Investigate into suspected attacks, hacking activities and breaches of IT Information Risk policies, and recommends remedial action in accordance with the Group’s Information Risk Incident Management Process (IRIMP) and procedures
  • Investigate and understand possible attack activities, such as scans, man in the middle, sniffing, DoS, DDoS, etc. and possible abnormal activities, such as worms, Trojans, viruses, etc.
  • Perform front line, Tier 1 triage, routing and tracking of a variety of security related inquiries, incidents and other issues
  • Review security events generated by a variety of network and/or host based security appliances (Firewalls, NIDS, HIDS, Event logs, etc.) and determine correct remediation actions and escalation paths
  • Must be able to work weekends as well as alternate shift schedules
  • Perform other duties and responsibilities as assigned

Education and Experience

  • Bachelor’s degree program in a technical field such as Computer science, Management Information Technology (MIS), Engineering, and Mathematics is strongly preferred
  • May consider candidates with technical school training or military training and seven (7) years’ experience and also may consider HS/GED candidates with ten (10) years’ work experience with a working knowledge of LAN systems and the maintenance and upkeep requirements of an information management system in lieu of Bachelor’s Degree
  • Five (5) years’ work experience in computing environment or Data Networking fields experience on a Computer Incident Response Team (CIRT), Computer Emergency Response Team (CERT), Computer Security Incident Response Center (CSIRC) or a Security Operations Center (SOC)
  • SANS or similar technical certifications are a plus
  • Administration and management of enterprise level SIEM systems are highly desirable
  • Strong networking skills are necessary
  • Linux and scripting skills are required
  • Must be a strong team player with good communication skills
  • Experience with Anti-Virus, Intrusion Detection Systems, Firewalls, Active Directory, Vulnerability Assessment tools and other security tools found in large network environments; along with experience working with Security Information and Event Management (SEIM) solutions
  • Familiarity with various network and host-based security applications and tools, such as network and host assessment/scanning tools, network and host based intrusion detection systems, and other security software packages; digital Media Analysis (DMA) and prior computer forensics experience strongly desired, but not required
  • Experience with a variety of operating system experience, Windows/Linux/Unix in a functional capacity
  • Security and/or Networking experience and understanding in the following:
  • Working knowledge of general security methodologies, concepts and terminologies
  • Basic routing principles and networking fundamentals
  • Well known protocols and services (FTP,HTTP,SSH,SMB,LDAP)
  • Packet Analysis Tools (TCPDUMP, Wireshark, Ngrep)
  • Knowledge/Experience with McAfee Nitro SIEM, McAfee ePolicy
  • Orchestrator "ePO", SourceFire IPS, Juniper/Palo Alto Firewalls, and EnCase Enterprise is desired, but not required
  • Must be able to communicate technical details a clear, understandable manner
  • Must have familiarity with TCP/IP services or networks and have a passion and interest for technology as well as desire to learn more about security related platforms and malcode analysis
  • Must possess good work habits, a strong work ethic, and be able to adhere to company work hours, policies, and standard business etiquette
  • Must exemplify strong analytical kills, consensus building and strong collaboration skills are crucial

NO THIRD PARTY CANDIDATES ACCEPTED

Read More

Apply for this position

Required*
Apply with Indeed
Attach resume as .pdf, .doc, or .docx (limit 2MB) or Paste resume

Paste your resume here or Attach resume file