IT.Security Analyst

This position calls for a Security Analyst with broad infrastructure and information technology expertise. Responsibilities include engineering and maintaining an enterprise class hybrid-cloud infrastructure. The position is within the IT security department and will be part of the internal CSIRT; position will be involved in Cyber Security incident investigations as needed.

This position is within the IT Security group, which is responsible for overseeing information security within Citco.

• Overseeing and maintaining threat protection systems: The candidate should have experience in supervising and maintaining cybersecurity systems, including EDR/EPP, URL filtering, NGFW management, and Sandboxing solutions. They should ensure that these systems are up-to-date, optimized, and promptly address any issues.
• Implementing and operating security tools and applications: The candidate should be capable of installing, operating, and maintaining various security tools and applications like network security devices, encryption solutions, and endpoint protection software. These tools are crucial for establishing a strong defense against potential cyber threats.
• Maintaining and securing cloud-based infrastructure: The candidate should assist in implementing identity and access management protocols, ensuring secure configurations of cloud environments, and staying up-to-date with cloud security best practices.
• Collaborating on security controls for cloud infrastructure: The candidate should work with internal teams and external cloud service providers to refine and implement effective security controls tailored to each cloud service's requirements.
• Creating scripts and automation for scaling security implementations: Proficiency in scripting and process automation is required to scale security configurations, conduct risk assessments, and develop mitigation strategies. Knowledge of cybersecurity assessment methodologies and scripting languages is essential.
• Recommending improvements to cloud security technologies: The candidate should stay updated on the latest developments in cloud security technologies and provide recommendations for adopting and implementing them, strengthening the organization's cybersecurity defenses.
• Troubleshooting cybersecurity incidents and implementing preventive measures: The candidate should be capable of identifying the root causes of cybersecurity incidents, resolving issues, documenting problems, and developing preventive measures to avoid similar incidents in the future.
• Improving cyber resilience across departments: Collaboration with different internal departments is necessary to promote cybersecurity awareness and assist them in enhancing their cyber resilience.
• Adhering to an enterprise-grade change management process: Familiarity with enterprise-level change management processes, including the use of ticketing applications for tracking, managing, and documenting changes, is required.
• Executing other related duties as required: The candidate may be assigned additional duties necessary for the successful execution of the role and incidental to the tasks mentioned above.

• Minimum of 3 years’ experience in enterprise scale cloud security environments.
• Good understanding of Linux and Windows security.
• Proficiency with scripting languages, and Infrastructure as Code (IaC) (e.g. Python, PowerShell, ARM, JSON)
• Excellent written communication skills in the creation of research, guidance, procedural, and support documentation.
• Excellent verbal communication skills working with team members and other support partners.
• Strong critical thinking and problem-solving ability.
• Ability to handle multiple, complex, and competing priorities and projects in a high pressure and fast paced environment.
• Familiarity with DevOps methodologies and tools (Docker, Ansible, Terraform).
• Relevant certifications are required (AWS SysOps Administrator, Azure Administrator, MCSA/E etc.).