Responsible for performing technical duties as a security analyst. Ability to work collaboratively within the organization to provide assurance of the confidentiality, integrity, and availability of information and data.
Are you someone who likes interfacing within a business environment with developers, network engineers, security peers, vendors and customers? Are you an effective communicator and a change agent? Are you technically proficient with enterprise networking? Do you have a strong willingness to learn? Do you enjoy the challenge of solving puzzles? Would you like to work on a small team, where you will be close to the action and make a direct impact to security? Is information security something you enjoy doing? Are you motivated to improve your InfoSec craft? If this sounds like you, then please apply.
Essential Duties and Responsibilities:
- Implement, configure, tune, update and actively manage IDS security tools.
- Effectively monitor and respond to output and alerts from security tools.
- Timely investigative firewall and SIEM alerts.
- Understand threat feeds and how to adjust security to account for new threats.
- Understand how to take alert or vulnerability data and translate it into hardening.
- Provide input and recommendations for identified security exceptions; participate in remediation efforts.
- Manage vulnerability scanning and verify timely patch management.
- Assist with incident management and response.
- Develop and maintain standard operating procedures for operational security.
- Write, update/edit policies, standards, guidelines and procedures and review annually.
- Perform security assessments of IDS and 3rd party vendors based upon NIST 800-53 framework.
- Respond to security questionnaires from current or potential customers.
- Propose changes to risk controls or operational security as needed.
- Other duties as assigned.
- Associate degree in Information Technology/Security or equivalent work/education experience.
- CompTIA Sec+, CASP or similar technical security certification and able to pass intermediate security certification with first year if required.
- 2-3 years of hands-on experience with networks and networking, patch management and hardening.
- Complete documentation of all communication and research using system tools
- Work on various special projects as needed
- Other duties as assigned
Salary: Depending on Experience and Education
Status: Hourly, Non Exempt (eligible for overtime)