Information Security Analyst III

Job Description:

The Information Security Analyst is responsible for operating information security systems and processes such as perimeter defense, endpoint security, incident response, access, authentication, monitoring, and other systems focused on the confidentiality, availability, and integrity of corporate systems and data.

ESSENTIAL JOB FUNCTIONS AND RESPONSIBILITIES:

• Conduct vulnerability and compliance scans in accordance with published schedule; develop processes to drive 100% reporting of desired devices; submit results to Compliance staff for submission to regulatory body.

• Perform analysis of scan results to identify gaps; Work with engineering staff to remediate findings.

• Identifies and resolves false positive findings in assessment results

• Perform detailed technical testing of security controls and produces detailed written reports of the test results.

• Produces vulnerability, configuration, and coverage metrics and reporting to demonstrate assessment coverage and remediation effectiveness

• Perform periodic penetration testing of all applications and network elements for adherence to company security policies.

• Automate workflows to perform security event monitoring and incident management. Automate the detection of incidents based on available forensic data.

• Assist in investigations and remediation or mitigating solutions.

• Analyze log data and alerts, interpret and correlate events, create advanced search patterns to identify threats.

• Performs and automates vulnerability management assessment functions, and reporting

• Provides support for security tools, controls and processes.

• Supports audit and compliance needs.

• Identify security issues and risks, develop mitigation plans.

• Reviews alerts and data from sensors and documents formal, technical incident reports

• Researches emerging threats and vulnerabilities to aid in the identification of network incidents

• Analyzes data from threat and vulnerability feeds and analyzes data for applicability to the organization

• Identifies and resolves false positive findings in assessment results

• Generates reports on assessment findings and summarizes to facilitate remediation tasks

• Automate workflows to perform security event monitoring and incident management. Automate the detection of incidents based on available forensic data.

• Ensures compliance with all applicable configuration standards.

• Occasional travel required.

• Able to lift twenty-five pounds.

• Participate in other projects or duties.

SUPERVISORY RESPONSIBILITIES: N/A

KNOWLEDGE, SKILLS AND ABILITIES:

• Strong analytical and problem-solving abilities.

• Ability to quickly process and synthesize highly complex information.

• Demonstrated ability to perform in high-pressure situations.

• Excellent verbal and written communication skills.

EDUCATION AND TRAINING:

• Bachelor’s degree in cyber security, network security, computer science

• Six (6) plus years of experience in technical cyber security or information technology role directly managing or operating cyber security tools.

• Technical cyber security certifications like Security + or other vendor specific security certifications

• Practical knowledge of standard security tools and technologies like endpoint protection, boundary protection, encryption, and other security suites

• Or equivalent combination of education and/or experience

Other Qualifications
The Winning Way behaviors that all Vertex employees need in order to meet the expectations of each other, our customers, and our partners.

• Communicate with Clarity - Be clear, concise and actionable. Be relentlessly constructive. Seek and provide meaningful feedback.

• Act with Urgency - Adopt an agile mentality - frequent iterations, improved speed, resilience. 80/20 rule – better is the enemy of done. Don’t spend hours when minutes are enough.

• Work with Purpose - Exhibit a “We Can” mindset. Results outweigh effort. Everyone understands how their role contributes. Set aside personal objectives for team results.

• Drive to Decision - Cut the swirl with defined deadlines and decision points. Be clear on individual accountability and decision authority. Guided by a commitment to and accountability for customer outcomes.

• Own the Outcome - Defined milestones, commitments and intended results. Assess your work in context, if you’re unsure, ask. Demonstrate unwavering support for decisions.

COMMENTS:

The above statements are intended to describe the general nature and level of work being performed by individuals in this position. Other functions may be assigned, and management retains the right to add or change the duties at any time.