Analyst- IT Security II MYS

Basic Job Functions: 

Responsible for the technical analysis and support of specific security products and/or systems (examples: IdM, NERC-CIP, IDS/IPS, Palo Alto… etc.). Focuses on the day-to-day operation of these targeted products/systems and escalated incident review.

Education/Experience:

• Minimum 2 years of relevant work experience
• Bachelor’s degree from an accredited college or related discipline or equivalent work experience

Required Skills/Competencies:

• Working knowledge and/or demonstrated experience security tools is required.
• 1+ years of experience with IdM, UBA, ATD, IPS/IDS, NERC/CIP controls is a plus.
• 1+ years of experience with network security scanning tools (Nessus, Qualys, ISS, etc.) required.
• 1+ years of experience with Microsoft Windows 10, 7 and XP operating systems is required.
• 1+ years of experience with Microsoft Windows Server 2008 R2, 2012 R2 or 2016 operating systems is required.
• 1+ years of experience with Network server /Active Directory (AD) administration experience required
• 1+ years of experience with any Linux distribution is desired, experience with CentOS is a plus.
• Programming (scripting) experience desired.
• Hands on technical experience with and very knowledgeable of security operations, scripts reading and understanding, basic knowledge in different languages: JS, Python, PowerShell, C#
• Strong understanding of event analysis, incident response, threat intelligence, cyber investigation methodology and chain-of-custody requirements.
• Working knowledge of risk assessments, penetration testing, vulnerability analysis or disaster recovery
• Working knowledge of Firewalls is required. Palo Alto firewalls is a plus.
• Working knowledge or prior experience with SIEM (Splunk preferred) and end-point protection (SCEP, Sophos, Bit9, Carbon Black) a plus.
• Working knowledge of integrated MFA with OAUTH or SAML technologies, 1+ years’ experience with ADFS or IDaaS preferred.
• Working knowledge and/or prior experience with Digital Rights Management a plus.
• Excellent Organization / Communication Skills.

Essential Responsibilities:

Primary Responsibilities:

• Operational day-to-day support of targeted security products/systems.
• Works on various projects related to evaluating, testing, and deployment of new software systems/technology.
• Investigates, troubleshoots, analyzes and resolves problems related to the IT security infrastructure as well as application and system problems that have been escalated for senior level support.
• Monitor and audit security aspects of IT and product operations.
• Audits the First Solar AD structure to verify that only those rights and privileges necessary are properly assigned.
• Participate in solution design reviews for applications, servers and networking.
• Assessment of escalated incidents from the business departments or Security Team members
• Ensure compliance with Quality, Environment, Health and Safety and Responsible Business Alliance policies and procedures that is enforced within the organization.

Key Competencies:

• Undertakes analytical activities and delivers analysis outputs, in accordance with customer needs and conforming to agreed security standards.
• Analyses business processes identifies alternative solutions, assesses feasibility, and recommends new approaches. Contributes to evaluating the factors which must be addressed in the change program. Helps establish requirements for the implementation of changes in the business process.
• Investigates operational requirements, problems, and opportunities, seeking effective business solutions through improvements in automated and non-automated components of new or changed processes. Assists in the analysis of stakeholder objectives, and the underlying issues arising from investigations into business requirements and problems and identifies options for consideration. Identifies potential benefits, and available options for consideration. Works with clients/users in defining acceptance tests.
• Defines scope and business priorities for small-scale changes and may assist in larger scale scoping exercises. Elicits and discovers requirements from operational management and other stakeholders. Selects appropriate techniques for the elicitation of detailed requirements taking into account the nature of the required changes, established practice and the characteristics and culture of those providing the requirements. Specifies and documents business requirements as directed, ensuring traceability back to source. Analyses them for adherence to business objectives and for consistency, challenging positively as appropriate. Works with stakeholders to priorities requirements.
• Specifies and develops test scenarios to test that new/updated processes deliver improved ways of working for the end user at the same time as delivering efficiencies and planned business benefits. Records and analyses test results and report any unexpected or unsatisfactory outcomes. Uses test plans and outcomes to specify user instructions.
• Applies data analysis and data modeling techniques to establish, modify or maintain a data structure and its associated components (entity descriptions, relationship descriptions, attribute definitions).
• Reviews requirements and specifications and defines test conditions. Designs test cases and test scripts under own direction, mapping back to pre-determined criteria, recording and reporting outcomes. Analyses and reports test activities and results. Identifies and reports issues and risks associated with own work.
• Reviews requirements and specifications and defines test conditions. Designs test cases and test scripts under own direction, mapping back to pre-determined criteria, recording and reporting outcomes. Analyses and reports test activities and results. Identifies and reports issues and risks associated with own work.
• Selects and uses tools and methods to establish, clarify and communicate the user experience, users' characteristics and tasks, and identifies the technical, organizational and physical environment in which complex products or systems will operate.
• Develops implementation plans for dealing with more complex requests for change, evaluates risks to integrity of infrastructure inherent in proposed implementations, seeks authority for those activities, reviews the effectiveness of change implementation, and suggests improvement to organizational procedures governing change management. Leads the assessment, analysis, development, documentation and implementation of changes based on requests for change.
• Identifies and resolves issues with applications, following agreed procedures. Uses application management software and tools to collect agreed performance statistics. Carries out agreed applications maintenance tasks.

Physical Requirements (if any):  

• Will sit, stand or walk short distances for up to the entire duration of a shift.
• Will climb stairs on an occasional basis.
• Will lift, push or pull up to 27 pounds on an occasional basis.
• Required to use hands to grasp, lift, handle, carry or feel objects on a frequent basis.
• 20/40 vision in each eye, with or without correction, is required.
• Must be able to comply with all safety standards and procedures.
• May reach above shoulder heights and below the waist on a frequent basis.
• May stoop, kneel, or bend, on an occasional basis.
• Ability to wear personal protective equipment is required (including but not limited to, steel toed shoes, gloves, safety glasses, hearing protection, protective jacket or apron and arm guards)
• All associates working on the production floor may be required to wear a respirator at any given time and thus, the ability to wear a respirator is a condition of employment and continued employment (requires little or no facial hair)

Equal Opportunity Employer Statement: First Solar is an Equal Opportunity Employer that values and respects the importance of a diverse and inclusive workforce. It is the policy of the company to recruit, hire, train and promote persons in all job titles without regard to race, color, religion, sex, age, national origin, veteran status, disability, sexual orientation, or gender identity. We recognize that diversity and inclusion is a driving force in the success of our company.