Senior Information Security Analyst I

Candidate must reside in PA or OH to be considered.

Responsibilities include administration of systems utilized for collection/correlation of application and server logs as well as systems used for change management. Review of firewall, IDS, & VPN logs, analysis of windows audit and security logs, and examination of security logs relating to business critical applications. Investigate and document potential cybersecurity incidents.  Assists with the development of Information Security policies and frameworks in accordance to compliance requirements, FFIEC Cybersecurity Standards (as defined in the CAT), ISO 27001, NIST 800-37, and other best practices.  Other responsibilities include development and training of support staff, enforcement of corporate policies and procedures, development of procedures as needed. Participate on project teams as assigned, server as project manager/lead within IT security projects. Work with lines of business to implement new applications, define access levels, create procedures, and train support staff.  Performs information security assessments associated with third party due diligence processes. 

Strong understanding of network architectures, network security devices such as firewalls, application security controls, Windows operating systems, DLP solutions, SIEM technologies, and Active Directory/Entra required.  Understanding of cybersecurity risks and threats required.  Strong oral and written communications skills required. Minimum of 5 years’ experience in IT required.  Project management experience a plus.  Candidate must have the ability to operate effectively in crisis or emergency situations and demonstrate strong problem solving skills.  Degree or certifications in Information Security related studies preferred (CISSP, CEH, GIAC, Comp TIA Security, etc.).

Position may require non-traditional working hours to support projects.  Provides 7x24 on call support as part of an on-call rotation.   

Essential Job Responsibilities__________________________________

1. Responsible for the administration of systems utilized for collection/correlation of application and server logs as well as systems used to monitor change on internal devices.

2. Review of firewall, IDS, & VPN logs, analysis of windows audit and security logs, and examination of security logs relating to business critical applications. 

3. Participate on project teams as assigned

4. Develops and supports cybersecurity incident response plans

5. Works closely with other areas of IT to implement and maintain security controls

6. Work with lines of business to implement new applications, define access levels, create procedures, and train support staff.

7. Identify emerging threats and risks, provide recommendations to mitigate

8. Provide 7X24 support as part of an on-call rotation

Bona Fide Occupational Qualifications___________________________

1. Understanding of network architectures, network security devices such as firewalls, application security controls, Windows operating systems, DLP solutions, SIEM technologies, and Active Directory required.

2. Degree or certifications in Information Security related studies, or 5 years’ experience in related field required

3. Understanding of cybersecurity risks and threats required

4. Strong oral and written communications skills required

5. May be eligible for Telecommuting.