Security Operations Analyst

At Ascensus, technology is more than just a solution. It powers the business that helps millions of people save for what matters—retirement, education, and healthcare.  Our technology experts tackle exciting challenges in collaborative teams, but work in an environment where individual and career development is always valued.  Technology associates leverage their talents and passion, building new and innovative platforms, creating programs founded in automation in agile frameworks, and driving existing and new markets—all of which supports the rapid growth of a dynamic industry leader.

Section 1: Position Summary

This position will be responsible for operational security responsibilities across Ascensus. The individual hired for this position requires a passion for data protection, strong problem solving and analytics, documentation, communication and organizational skills, collaborative abilities, self-motivation, innovation, efficiency and attention to detail. This position will be empowered to help guide our operational security program. Operational security reports to the Ascensus VP of Information Security & Compliance.

Section 2: Job Functions, Essential Duties and Responsibilities

• Responsible for protecting, securing, and proper handling of all confidential data held by Ascensus to ensure against unauthorized access, improper transmission, and/or unapproved disclosure of information that could result in harm to Ascensus or our clients.
• Our I-Client service philosophy and our Core Values of People Matter, Quality First and Integrity Always® should be visible in your actions on a day to day basis showing your support of our organizational culture.
• Assist with other tasks and projects as assigned

Essential Duties and Responsibilities:

• Security Event Monitoring & Response
  • Monitor security events from sources including, but not limited to:
    • IDS/IPS
    • SEIM
    • Network and web application firewalls
    • Anti-Virus/Malware’
    • Applicable server and application security logs
  • Analyze events filtering for false positives
  • Understanding of basic network services, vulnerabilities and attacks
  • Respond to and escalate events
  • Work with the security team to enhance processes & procedures
  • Contribute to and maintain documented processes around monitoring & response
  • Work closely with information security, IT, risk & governance and facilities teams.
  • Periodically report on metrics
  • Process phishing email escalations from Associates
  • Correlate events with other known social engineering attempts
• Management of Security Solutions
  • Build, manage and maintain tools including, but not limited to:
    • IDS/IPS
    • SEIM
    • Web Application Firewall
    • Anti-Virus/Malware & Endpoint Protection
    • DLP
    • Web content filtering
    • Vulnerability scanning
    • File integrity monitoring
    • Network Access Control (NAC)
  • Maintain documentation around tools
  • Champion the information security tool’s usage to maximize features
  • Review access requests around content filtering, removable media and local administrative exceptions
• Work collaboratively with the various technology teams to accomplish security objectives
• Additional security experience may be gained depending on associate’s level of interest and availability:
  • Assessing and selecting security vendors or solutions 
  • Identify emerging vulnerabilities and evaluate associated risks
  • Assisting in incident response events
    • Security testing (vulnerability scans, aspects of ethical hacking/penetration testing)
    • Detailed configuration reviews
• Assist with other tasks and projects as assigned

Supervision  

• N/A

Section 3:  Experience, Skills, Knowledge Requirements

• Experience managing security tools noted above
• Experience with monitoring and response activities
• Knowledge of information security risks, at least technical aspects including working knowledge around remediation.
• Strong written and oral communication skills. The ability to communicate effectively (clear, concise and professionally) with all levels within Ascensus.
• Highly organized and able to process and manage inventories of controls and findings.
• Excellent analytical and problem resolution skills.
• Self-starter and able to work independently.
• Persistence and strength to champion initiatives.
• 2-3 years of experience.
• Knowledge of networking preferred.
• Expert level proficiency in MS Office software applications, specifically Word, Excel and Power Point
• Bachelor’s degree or Associate’s degree plus equivalent work experience required.
• Security certifications welcomed.

We are proud to be an Equal Opportunity Employer

Be aware of employment fraud. All email communications from Ascensus or its hiring managers originate from @ascensus.com or @futureplan.com email addresses. We will never ask you for payment or require you to purchase any equipment. If you are suspicious or unsure about validity of a job posting, we strongly encourage you to apply directly through our website.