The Security Analyst performs two core functions for the enterprise. The first is the day-to-day operation of the in-place security solutions; the second is the identification, investigation and resolution of security events detected by those systems. Secondary tasks may include involvement in the implementation of new security solutions, participation in the creation and/or maintenance of policies, standards, baselines, guidelines and procedures, and conducting vulnerability audits and assessments. The Security Analyst is expected to be fully aware of the enterprise's security goals as established by its stated policies, procedures and guidelines, and to actively work towards upholding those goals.
Duties
- Manage, monitor, and remediate the posture of the Anti-Malware software on systems.
- Research and resolve malicious events. Implement measures to reduce risks associated with new malicious events.
- Maintain a deep understanding of current vulnerabilities, attacks, and countermeasures and how to respond effectively to them.
- Identify key security risks and report them to management with recommendations for corrective action.
- Generate security reports using enterprise security systems.
- Comply with IT security policies and procedures.
- Report performance against established security metrics by monitoring, measuring, testing, and reporting on the effectiveness and efficiency of information security controls.
- Assist with monitoring and testing the compliance of security controls.
- Configure platform monitoring, application logging, host and network IDS/IPS.
- Review Global SOC findings and take action to reduce risk.
- Implement security requirements and controls during project deployment.
- Support the implementation and maintenance of various state-of-the-art information security systems and services.
- Analyze and recommend resolution of security related issues based on knowledge of major security products and best practices.
Required Qualifications
- Related Professional Experience: 3 - 5 years
- Information Security: 2 years minimum
- Managing AV/Anti Malware software: 2 years minimum
- Application, network, OS and DB vulnerability scanning/identification: 2 years minimum
- Email Security: 2 years minimum
- Incident Response: 1 year
- Must have a good understanding of technical disciplines outside of Information Security such as networking, storage, Active Directory, Unix systems administration, Windows administration, virtualization, convergence (voice and video) and cloud-based technologies.
- Ability to gather data, perform analysis and summarize for presenting to management.
- Ability to foster a cooperative work environment.
- Skills in organizing resources and establishing priorities.
- Must possess good customer service skills.
- Must possess good communication skills (written/verbal).
Preferred Qualifications
- System methodologies including client/server, web hosting, web content servers, policy servers, directory servers, firewalls, switches and routers
- Understanding of Information Assurance and Information Operations technologies and the relevant standards and guidelines (NIST, ISO 27001 & 27002, PCI DSS, Sarbanes-Oxley)
- Operating System Hardening
- Vulnerability Assessment Testing
- Public Key Infrastructure and Identity Management
- Cross Domain Solutions
- Networks & Firewalls
- Web Application Firewalls
- Authentication Solutions
- Internet Filtering Solutions
- Vulnerability Scanning solutions
- Intrusion Monitoring
- Security Event Monitoring Solutions
Education
- BA/BS degree in Information Systems, or related field, or equivalent experience required
- One or more of the following certifications (preferred):
- CompTIA Security+
- GIAC Information Security Fundamentals
- Microsoft Certified Systems Administrator: Security
- Associate of (ISC)2 or higher