Security Analyst

POSITION SUMMARY:

This position administers the enforcement of corporate, regulatory, and risk management policies and assists in developing, implementing, and achieving the strategic goals of the Information Security Program. The Information Security program includes policies, standards, procedures, and controls (technical, administrative, and physical) to protect customer, consumer, and proprietary information against reasonably foreseeable risks. This role is responsible for management of or auditing and reporting on intrusion prevention systems, content filtering systems, SIEM and event management systems, Antivirus, and vulnerability assessment programs.

ESSENTIAL FUNCTIONS:    

• Leading efforts to reduce overall risk by monitoring and tuning security alerts and investigating incidents.
• Defining, planning, implementing, maintaining, and upgrading security measures, policies and controls.
• Implement products and services as required to maintain compliance with existing, new, or changing regulations and auditing recommendations.
• Administer security policies to control access to resources observing least privilege.
• Manage and maintain patch installation for operating systems, software applications and Hardware as part of the overall vulnerability management system.
• Create and maintain security documentation to include policies, standards, procedures, and reports as required to support the Information Security program. 
• Protect systems by defining access privileges, control structures, and resources.
• Work closely with technology and compliance teams for troubleshooting security related problems as well as identifying and implementing security strategy.
• Monitor server logs, firewall logs, intrusion detection logs, and network traffic for unusual or suspicious activity, and make recommendations based on those findings,
• Research attempts to compromise security posture and recommend solutions.
• Manage the user awareness training program and provide additional end-user training as needed.
• Design, implement, and report on security system activity, and perform end-user activity audits.
• Work with vendors to arrange for upgrades, updates, patches and replacements on software and hardware.
• Assist with 3rd party due diligence as pertains to cybersecurity best practices.
• Perform other duties as assigned 

KNOWLEDGE, SKILLS & ABILITIES: 

Education: A Bachelor’s degree or 5 years of related experience. 
Experience: 3+ years relevant Information Security or IT Audit experience.
Certifications & Licenses: Relevant security or IT Audit certification.