DESCRIPTION OF ESSENTIAL DUTIES:
- Adhere to and evaluate current security procedures and standards, suggesting improvements as needed.
- Monitor and respond to security alerts as outlined by company policies and procedures.
- Follow policies and procedures to ensure cyber risk is properly managed in accordance with the risk tolerance of the company.
- Guide, support, and educate other members of the team as they work towards the common goal of safeguarding company assets.
- Assist the company with risk analysis and risk mitigation efforts.
- Maintain a deep understanding of Information Technology and security architecture.
- Use security knowledge and tools to monitor for imminent and pervasive threats to company assets.
- Automate playbooks as needed to improve response time and efficiency.
- Provide status and metric reporting and adhering to internal operational security and policies; Documents all actions taken in ticketing system.
- Complete task and project work as assigned.
OTHER RESPONSIBILITIES/REQUIREMENTS
Develop and maintain a positive relationship with equipment vendors and company personnel.
- Provide management and team members detailed information concerning current technical issues
- Continually improve the service by identifying and correcting issues or gaps in knowledge capital (analysis procedures, playbooks, network models), identifying and recommending new or updated tools, content, countermeasures, scripts, plug-ins and other “glue”
- Perform peer reviews and consultations with other Cyber Security Analysts regarding potential security incidents
- Superb communications/interpersonal skills with the ability to interact with others
- Serve as a Subject Matter Expert in at least one security-related area (e.g. reverse engineering malware, penetration testing, software testing, cryptography, etc.)
- Be available for 24/7 on-call rotation
- Ability to follow sound business ethics when executing job responsibilities
- Must have an understanding of the importance of learning and that it is never-ending.
- Must be a self-motivated individual, willing to constantly evaluate the environment for improvement.
QUALIFICATION, EDUCATION AND EXPERIENCE REQUIREMENTS:
- Bachelor of Science in Computer Science or Information Management combined with five years security or technology support experience required; Master’s degree may substitute for some work experience
- Documented experience with the following technologies: leading SIEM technologies, IDS/IPS, network- and host-based firewalls, data leakage protection (DLP)
- Working experience with possible attack activities such as network probing/ scanning, DDOS, malicious code activity, etc.
- Working experience with Windows and Unix administration
- Working experience with common penetration testing techniques
- Working experience with basic networking protocols such as IP, DNS, HTTP, etc.
- Working experience with system security architecture and security solutions
Preferred:
- Certification include Security+, Certified Intrusion Analyst (GIAC), Continuous Monitoring (GMON), Certified Information Systems Security Professional (CISSP), Certified Ethical Hacker (CEH)
- Excellent interpersonal, organizational, oral and writing skills
- Strong analytical and problem-solving skills
- Self-motivated to improve knowledge and skills
- A strong desire to understand “the what” as well as “the why” and “the how” of security incidents
SUPERVISORY RESPONSIBILITIES:
- None
PHYSICAL DEMANDS/WORK ENVIRONMENT:
- Experience in a fast-paced support environment as a member of a 24x7x365 network and/or security operations team; Must be able to concentrate for long periods of time
- Must be able to lift and carry 25 pounds on occasional basis
EOE M/F/D/V AA